I am new to Yii2 ( I have used Yii previously).
Is there any straight forward way in Yii2 through which a user can be restricted to edit/delete his own content. for eg.
I have some posts in my system.Published posts can be seen by anyone.(only owner can view unpublished posts).
A post can be edit/delete by only content owner or Admin
You can use the components provided by Yii2 for the authorization and control of access to the actions permitted to a user. To do this you should take a look at this:
Yii user Authentication
Related
i want to provide role based route access e.g there is two types of user 1.Admin and 2.normal user.
if normal user try to access admin pages through url then user will redirects to dashboard page and same case for admin.
This is quite a lot of code you're asking for.
One thing you need to look into is Route Guards which let you protect access to routes based on your own written criteria:
https://angular.io/guide/router#milestone-5-route-guards
You also need to pick a way to manage your roles and users. A popular way for Ionic is to use Firebase:
https://firebase.google.com/
A great tutorial for setting this all up is over at AngularFirebase.com (currently rebranding to Fireship.io).
It's a long tutorial, and you will need to follow an additional tutorial for setting up the login system as well, but it will get you to where you want to be.
Role Based Authorization With Firestore and Angular
I am using Yii2 User module for managing users in my Yii2 project. I have enabled authentication with Google and Facebook. I can login with Google and Facebook, but cannot register a new user with social authentication. It looks like it was possible in previous versions of yii2 user according to this. (https://code.tutsplus.com/tutorials/how-to-program-with-yii2-google-authentication--cms-24987)
However the registration form does not have the links anymore. Isn't this possible now?
PS I have "dektrium/yii2-user": "0.9.*#dev", in my composer
Is it possible to add a vcard for some other jabber user in ejabberd. I am logged in as admin#domain.com. While creating users in my website i am registering a jabber account for the same user. Now i need to add vcards for those users. While trying to add vcard for a new user, i can see that the vcard entry is added to the currently logged in user(in my case it is admin#domain.com). I am using strophe library and the code used for adding vcard is as follows.
iq = $iq({ type: 'set', to: 'user#domain.com' }).c('vCard', { xmlns:'vcard-temp' }).c('PHOTO').c('EXTVAL', 'http://image_url/image.jpg');
conn.sendIQ(iq);
But i can achieve the same using
ejabberdctl set_vcard jabber_id domain PHOTO img.jpg from CLI
The purpose is to add profile images to users. I have the profile images saved in my server for each users registered in my site. Currently i am doing an ajax call for fetching the user profile image. Is there any alternative for this? Any help will be really appreciable.
XMPP protocol does not define a way to edit vcard for other users and ejabberd does not implement something special to allow this.
You can use a database backend for Vcard or write a custom Vcard backend plugin to suit your needs.
I am creating an iOS App which the user will be able to login to via his account with our website (internal), or via Facebook or Twitter.
What I would like to know is how should I manage the database in order to verify his Facebook / Twitter account with his internal account on my website?
I.e When the user logs in via his internal account, I just run a simple authentication check to see if his username and password are valid. However with Facebook and Twitter, I obviously can't do this as I don't have access to the user's password.
Thanks in advanced.
my suggestion is that you would create a new table for each of the login types and connect it to your users/members table.
for example - for facebook login you would have a facebook_users table to hold the user's data (such as name, pic and most important - fbid)
than add a column named facebook_user_id to your existing members table.
in order to get the logged user from facebook you don't need to access his password... you should use the Facebook JS SDK and specifically the FB.getLoginStatus and FB.login function...
offcourse my suggestion is only one of many applicable ways to accomplish the task
Save fbid instead of fb-login user_name (you can keep both) of the user in your internal login table - A unique mapping exists (I'm sure something similar exists for twitter as well). Why do you need fb password for it?
Moreover, you run the check on internal table to authenticate user account, but when using login from fb or twitter, isn't the user already authenticated?
I have a simple product catalogue for businesses. There is a catalogue's management interface for adding products. Each business has a unique domain name where all its products are listed.
I would like to extend catagloue's functionality and allow businesses to have their products listed on facebook.
Functionality of the facebook application:
- Each business can install application from catalogue's management interface (I would like to have a button that opens facebook in a new window and prompts user to authorize access to one of user's existing Facebook Pages)
- installing application adds a Tab on selected Facebook Page,
- by clicking on a Tab visitor of the Facebook Page is presented with a list of products specific for this business. Data for that page is dynamic and can be accessed with a REST call and presented as json or html.
We would like each business that have a product catalogue with us to install application and have it automatically configured to use specific domain name when requesting product data.
Is it all technically possible? Could you point me into the right direction on how to
- install application from external website
- configure that application with a parameter (perhaps passed in url when requesting application installation)
- automatically add Page Tab for this application
Cheers,
Michal
Yes it is possible. But it'll be a little different from what you are thinking, i guess.
I recently implemented code to add a tab to a page programmatically, it is as follows(in PHP) :
$tabAdded=$facebook->api("/".$id."/tabs","post", array("access_token" => $access,
"app_id" => $fbconfig['appid']));
From the code we see that we need an app id, an access token, and the page id($id). $facebook is an instance of the FacebookPHPSDK.
So here's how we can get the three things in question:
First app id, you'll need to create a Facebook page tab app, select Page Tab in the app's Basic settings (where you can mention the page tab url. This url will have the content for a page tab.) You'll also need to enable website because you need to ask the user for necessary permissions (namely manage_pages). For your specific requirement you have to give the domain of the catalogue management app.
Second page id and access token, once you have manage_pages permission you can query the graph api to get the pages of the user using : api('me/accounts') this returns data with page name, page category, page id, page access token for all the user's pages.
#thaddeusmt has already mentioned that you can't create new applications, and need to use the same app, you have to read the signed request and get the page id, and serve content. All that will be left to do is link your customer domains to the correct page ids.
Hope this was useful.
You can install/uninstall (add/remove) application tabs to/from Pages using the Facebook API:
http://developers.facebook.com/docs/reference/api/page/#tabs
You cannot create new applications, however. So you will need to use the same application for each Page.
The way you can show different content for each Page in the Tab (using the same application) is by checking the Signed Request. This contains the ID of the Facebook Page. The code that serves up your application Tab can look at the Page ID and serve up the appropriate content for that Page.
I hope this helps get you on the trail. Good luck!
Yes it is possible.
It's a two way process
First you have to get page_access_token through graphAPI.
www.facebook.com/?fields=access_token
This will return Page_access_token.
Use page access token and use post method
www.facebook.com/yourpageid/tabs/
Post Parameters:
app_id= 'YourAppID'
access_token = 'access_token'
That way you can add your facebook app into facebookPage.