I have created a anti-abuse command where I want to ignore Administrators of the server and I have used this like
const permission = [PermissionFlagsBits.Administrator];
if (message.member.permissions.has(permission)) return;
And it gives this error.
TypeError: Cannot read properties of null ( reading "permissions)
It would be great if someone helps me!
I was expecting that it would ignore Administrators and take action though the members..
Related
I have a GraphQL API that is governed by a permission system that I implemented.
I tried going with Graphql-shield but I didn't want to error out on the whole request if the client requests a forbidden field, so instead I implemented my own permission system.
Now, I need to solve a problem:
The way I implemented the permission system means that every field is checked if it is permitted and if it is not then null is returned. However, I would like to return some indication that the field was not actually null but that the field was "not permitted".
I thought about doing it in two ways:
During each check I append to some query-wide variable all fields that are not accessible and return it along with the query (probably in some middleware of some sort)
I extend all of the objects in my schema with a "permitted" field in which I return the value of the permission
Any suggestions ?
IMHO not worth the effort ... api faq or docs (available in graphiql/playground) can contain notice about 'unexpected null', ACL resons etc. It's enough for majority of use cases.
If you still want to include some [debug] info in response extensions are for that, f.e. https://github.com/apollographql/apollo-tracing , - in this case:
just attach a list of 'field access denied' [structured] notices;
collect them (in/from resolver) in some context object, attach in middleware (?), before overal response return;
Make it configurable (debug mode), too.
I've been trying to make a ship command that can either ship the author of the message with a mentioned user, or ship two mentioned users. I can get the 1st mention in a message but I have no idea on how to get the 2nd or even third mention in a message. I tried using:
message.mentions.users.first(2)
splitting the args then slicing them so only the second mention is avalaible, but this gives an "undefined" error when I try to get the username.
Could someone give me a script on exactly how to do it since I can't really get the hang of this
According to the documentation message.mentions.users yields a Collection. So you can just iterate over this collection or convert it to an array and then access the required index:
const userArray = message.mentions.users.array();
console.log(userArray[yourDesiredIndex]);
I created a class in my Parse Server, using the Parse Dashboard, and then I changed the Class Level Permissions to allow only one user to perform read and write operations in the documents of this class:
The user that is supposed to have access to this class was also created manually through the Parse Dashboard and it looks like this:
However, when I try to query documents from this class, using this user in specific, I keep getting the error message "Permission denied for action find on class Person". This is how my code to login and query the class looks like:
const Person = Parse.Object.extend('Person')
Parse.Object.registerSubclass('Person', Person)
Parse.User.logIn('username', 'password').then(user => {
console.log('E-mail: ' + user.getEmail())
console.log('Created: ' + user.createdAt)
console.log('Current: ' + user.isCurrent())
console.log('Authenticated: ' + user.authenticated())
const query = new Parse.Query(Person)
query.equalTo('name', 'John')
return query.find()
})
I included a bunch of console.log's to check what information about the user is being printed and I confirm that the login seems to complete successfully because the fields email and createdAt match the information that I see in the Parse Dashboard. However, the field authenticated and current both return false, but I don't know why. I was expecting them to return true.
This is the only place in the application that I try to login the Parse Server and perform an operation that is restricted to only one user. Any idea why I'm getting this "Permission denied for action find on class Person" error?
I guess that this is related to security. Generally Parse will not allow a user to get data about any other user, unless you do some actions - e.g. - allow it from the dashboard. But anyway I guess that you have to do it one by one.
Cannot read property 'vgN' of null in wiriseditor.js at 7:21327
we are getting many issues which are recorded in TRACK.JS tool but we don't know whether users impacted or not?
please let us what's the root cause or solution.
I get the error "Exception occurred calling method NotesDatabase.createDocument() null" for the following:
var db:NotesDatabase = session.getDatabase("", viewScope.targetDb);
if (db != null) {
if(db.isOpen()){
}else{
db.open();
}
} else {
}
var doc:NotesDocument = db.createDocument();
Comments:
The database db is available and "open".
The user has enough rights in the targetDb to create documents.
What is wrong?
I changed db.isOpen to db.isOpen(), according to Paul Stephen Withers tips.
And now db.open() gives the error "Exception occurred calling method NotesDatabase.open() null" although that I can get, in viewScope variables, the server, FilePath, etc.
Change
var db:NotesDatabase = session.getDatabase("", viewScope.targetDb);
to
var db:NotesDatabase = session.getDatabase(currentDatabase.getServer(), viewScope.targetDb);
This works on the web as well as XPinC.
XPages isn't the same as formula, it doesn't like the empty string definition for the server name, which is contrary to the documentation which states (for the server parameter of NotesSession.getDatabase - javascript):]
The name of the server on which the database resides. Use null to
indicate the session's environment, for example, the current computer
Using null or "" gives error 500, it would appear.
The code from the question will work, if :
the if block is removed entirely
the viewScope.targetDb variable has a properly specified notes database file path, which exists on the same server as the current database
the current user has access to the target database ( by the ACL ), with the Create Database right
the target database has a Maximum Internet name and password above Reader as per #Paul
I suspect the cause is you're checking db.isOpen. You should check db.isOpen().
Worth bearing in mind is session.getDatabase(String, String) doesn't return null (unless you're using OpenNTF Domino API). It returns a Database object that is not open. So that if statement is irrelevant. Also best practice is to pass a server name to session.getDatabase() - you'll get a different outcome if the application is ever used in XPiNC with your current code.
Regardless of individuals' user access, "Maximum Internet name and password" on the Advanced tab of the ACL will override that. If maximum internet access is No Access, no one will be able to create documents. But I suspect that's not a factor here.
Pro Tip -- Get the Debug Toolbar and use that to print out messages to the XPage debug toolbar to see what is going on and if your viewScope variable is being set. Also, learn to use the try catch block to catch your exceptions and print out the error message to the debug toolbar. You will find your issue that way.
https://www.openntf.org/main.nsf/project.xsp?r=project/XPage%20Debug%20Toolbar