The documentation (http://developers.box.com/webhooks/) talks about webhooks in the context of "user's account". I read that as getting notifications only about the objects to which I have access.
Let's say I want to be notified every time there is a new upload anywhere across my organization. Do I need to be an admin to accomplish this, or is the webhooks scope not subject to my user permissions?
While we're continuing to enhance webhooks, there is some administrative functionality built-in. For instance, if you can get your webhooks installed for all your users, and have the webhook point to one endpoint, that can track all activity in your account.
There is a way to force webhooks on all users in your domain as an administrator. However, this feature hasn't been optimized for companies that use webhooks for internal use. That's still in progress.
If you'd like to be kept in the loop, or try some workarounds with what we have, feel free to contact us at api [at] box [dot] com. With more information, we may find something that works today, based on your exact needs.
At this point, the webhooks are only provided at the user level. If you log on as an admin and setup an application that gets webhooks, you will only get the same set of notifications as you see in the "Updates" tab in the Web UI.
We are looking to expand the webhooks capabilities, and this is one area that we may explore. However, it is not currently scheduled, so I can't provide any idea of even rough dates.
Related
We want to use ejabberd in the context of a web application having fairly unique and business rules, we'd therefore need to have every chat message (not protocol message, but message a user sends to another one) go through our web application first, and then have the web application deliver the message to ejabberd on behalf of the user (if our business rules allow the message to be sent).
The web application is also the one providing the contact lists (called rosters if I understand correctly to ejabberd). We need to be and remain the single source of truth to ease maintenance.
To us, ejabberd value added would be to deliver chat messages in near real-time to clients, and enable cool things such as presence indicators. Web clients will maintain a direct connection to ejabberd through websocket, but this connection will have to be read-only as far as chat messages are concerned, and read-write as far as presence messages are concerned.
The situation is similar with regards to audio and video calls. While this time the call per see will directly be managed by ejabberd to take advantage of built-in STURN, TURN etc... and will not need to go through our web app, we have custom business logic to manage who is able to call who, when, how often etc... (so in order words, we have custom business logic to authorize the call or not and we'd like to keep all the business logic centralized in the web app).
My question is what would be the proper hooks we'd need to look into to achieve what we are after? I spent an hour or so in the documentation, but I couldn't find what I am after so hopefully someone can provide me pointers. In an ideal world, we'd like to expose API endpoints from our web app that ejabberd hooks can hit. However, the first question is: which relevant hooks is ejabberd offering and where are these hooks documented?
Any help would be greatly appreciated, thank you!
When a client sends a packet to ejabberd, it triggers the user_send_packet hook, providing the packet and the state of the client's session process. Several modules use that hook, for example mod_service_log.
I am building a school application that will connect parents to teachers, i am using Ionic 3 and Laravel 5.6.
And i want to be able to send a notification to all parents, when for instance a teacher gives an assignment, when the teacher enters the assignment question and click on the send button, the question is save to the database, after then a notification should be sent to the mobile devices of all parents who's children are taking that subject.
I have done a lot of research on how to do this, on the Cordova Push Notification Plugin and Cordova Local Notification. I have followed a video tutorial that implements Firebase and Push Notification, and also One Signal and Push Notification. But i was still unable to achieve what i wanted.
If they are anymore materials out there, that could help me achieve this, I will be so grateful to have someone share it with me, or if anyone can help me out with is, I will be very happy.
These are the other materials I found:
The PHP Package repository
Laravel Notification Channels
Quora
Please let your users know that using OneSignal's "free" service would allow the company to get users data and sell it to others.
Google's Firebase cloud messaging service is reliable but comes with a cost if you want many connections. See Firebase Pricing Plans.
I personally used fcm. It was not really a breeze implementing it on my thesis but it worked nicely. No need to make the app listen on background for incoming notifications then create a local notification, me not selling my users data, and not paying anything on the use of firebase's services. I used the free 300 dollars gift from google cloud to shoulder the expenses from the firebase spark plan.(free for 12 months)
A warning if you use the cordova plugins of fcm: If you have a cordova plugin that uses google's services it may come in conflict with the fcm plugins you listed above due to different versions used. It may need manual editing on the src plugins.
If you decide on using fcm, this link might help you.
The basic steps you have to do after you set up the needed environment is to
Get FCM token on platform.ready async.
Save it to firebase under the said user
Create a cloud function that will send notifications
When changes are imminent to the API version, are admins/devs notified in advance via email or some other system?
Some companies I have found use twitter, hitch, or nothing at all to notify users of changes that may be deprecated. My goal is for us to stay on top of API changes so we never experience breakage.
I don't think this is the case. When Google makes changes to the Drive API (and to others), most of the time it is written on the Relase Notes.
There is also the Migration Page Guide where Google lists what's new and what's deprecated. Google also writes in red letters the outdated functionalities in their guides. Another way is they update devs is to announce it during conferences like Google I/O.
And lastly, the support page tells us devs to post questions here on Stackoverflow.
We are integrating the Box into our application for iOS. We would like the user’s info – particularly user name. We use the method GET /users. It works well with private users and regular users on enterprise account, but is a bit inconvenient for enterprise administrator. We get the list of all the users in this account.
Is it possible to distinguish the particular administrator name from this list? Is it the first name in the list?
Use
GET /users/{user id}
To get information of an individual user. Regarding whether you can distinguish an admin in the list, you cannot do that for now. Atleast, they do not support it for now
I would just like to add that the users endpoint is one for which the Box Platform team is still adding features before we take the V2 API out of beta. Currently, you may find more possibilities with the V1 API, in particular, the get_account_info call. However, it's best to use the V2 API as much as possible, since the V1 will be deprecated soon.
Not sure if the title is quite right for the question but I can't think of any other way to put it..
Suppose you wanted to create multiple different web apps, but you wanted a user who was logged into one app to be able to go straight to your other app without re-logging in (assuming they have perms to look at the other app as well). If I'm not mistaken, if you're logged into gmail you can go straight to your iGoogle, googleReader, etc without re-logging in (if you set it up right).
How would you approach this? What would you use? Assume the apps already exist and you don't want to change the initial login page for the users.
What you're looking for is called Single Sign On. If you follow the link you'll find several implementations.
Open ID as others have mentioned is not such a scheme as it requires a seperate login for each site. Open ID is merely a shared authentication system.
You would issue a cookie against foo.com, which would then be visible on app1.foo.com, app2.foo.com.
Each application can then use the cookie to access a centralised authentication system.
Try CAS it should provide the features you are looking for.
What you want is a single sign-on (SSO).
There are two approaches to solving this problem:
Roll your own implementation. In its most trivial form it can be implemented by the first site setting a cookie that holds the ticket for the logged on user and the second site verifying that ticket and accepting the logged on user. There are quite a lot of potential pitfalls here:
you have to protect yourself against information disclosure - make sure that the ticket does not contain the actual user credentials
you have to protect yourself against spoofing - a man in the middle stealing a valid ticket and impersonating one of your users
and others
Adopt a third party SSO mechanism. Google, Microsoft, Facebook and other big companies allow integrating with their identity providers, so that your users could log on to their website and they handle verification, ticket issuing and so on. There's also OpenID, which is an open protocol you can use to enable SSO on your site through virtually any identity provider that supports OpenID. The potential drawback here is that somebody else controls your access to your user identity and can limit the features you can offer and data you can mine for your users.
As mentioned you can use something like OpenId or similar to make the process simple. Otherwise if you roll your own you could use a cookie to store the login, then basically ALL applications must have an entry point that mimics the base url.
Google for example uses mail.google.com to as a pipline into Gmail which allows it to read a cookie stored with the google.com domain.