I am currently working on a nest JS project that leverages the google node package to delete an event from a users calendar (gcal). Gcal successfully deletes the meeting, but the deletion notification to attendees comes from the administration account the api uses to connect.
Is there a way to alias the notification that is sent out to attendees so it looks like the owner of the calendar sent out the notification, not the google api administrator?
node package
https://www.npmjs.com/package/google
google api delete docs
https://googleapis.dev/nodejs/googleapis/latest/calendar/classes/Resource$Events.html#delete
This is the code snippet
// https://googleapis.dev/nodejs/googleapis/latest/calendar/classes/Resource$Events.html#delete
await this.calendar.events.delete({
calendarId,
eventId,
sendNotifications: true,
sendUpdates: 'all',
});
Google Calendar will trigger the respective notifications based on the authenticated actor.
In your scenario, that will be "administration account the api uses to connect".
If you are using this automation script in a Workspace Environment, you may want to impersonate another user (like the event organizer for example) to delete the event.
To achieve that in a Workspace scenario, you will need Domain-Wide Delegation of Authority set up.
NOTE: Make sure the authenticated user (and/or the actor of the delete call) has enough permissions over the affected event in order to delete it or use an account with Calendar Admin role (or Super Admin).
Related
I need to get list of attendees of a MSTeams meeting call, and their times by an Azure Application.
For now, i've tried 3 different approaches without success:
Registering a Bot
Retrieve the attendee report of an event
callRecord subscription
In more detail:
Registering a Bot
MembersAdded event works as described in the documentation for v4.7 of the Bots SDK, ie. when a new user is added to a chat or a team, webhook is called, which does not work for online meetings. However for v3 of the Bots SDK there is a mention:
The conversationUpdate event with the membersAdded object in the
payload is sent when a user is added to a private scheduled meeting.
The event details will be sent even when anonymous users join the
meeting.
I've not tried this version of SDK, but i think it has the same behaviour as v4.7 because i don't see any request comming to my bot's webhook when an user joins a meeting.
Moreover, when i request Members of a meeting on message event to a bot by invoking:
var members = await TeamsInfo.GetMembersAsync(turnContext);
i get a list of team/chat members where a meeting is created but not the list of attendees of a meeting for the current time.
Retrieve the attendee report of an event
By this request, I can get the list of attenees, but only for live events.
However Teams clients (in preview mode now) can get this report for ordinary meeting with the full history of who/when entered/leaved a meeting with even guest names(!).
Anyway, this method has the following disadvantages:
As mentioned in the Get onlineMeeting and according to the Allow applications to access online meetings on behalf of a user, a Tenant administrator have to invoke PS command Grant-CsApplicationAccessPolicy for each meeting organiser, to grand my app permision to download this report
Administrators must create an application access policy and grant it to a user, authorizing the
app configured in the policy to retrieve an
online meeting on behalf of that user (user ID specified in the
request path).
Uses Beta version of the GraphAPI, so it can't be used in production
callRecord subscription
According to the Create subscription, i can subscribe to create and update events of a callRecord, and everything works well - when a meeting call is finished, my notification URL is called in 5-20 minutes, so i can find original meeting by callRecord.joinWebUrl and Get onlineMeeting:Example 3. Seems it's most suitable method for me, but has the following disadvantages:
Guests cannot be identified, their names as them passed in MSTeams clients are not reported to callRecord ie. callRecord.Participants[].AddtionalData["guest"].displayName == "Guest user" for any guest (seems like a bug), however entered/leaved information can be found by searching callRecord.Participants[].AddtionalData["guest"].id in callRecord.Sessions[].Segments[].Caller.Identity.AddtionalData["guest"].id
External users cannot be also indentified, callRecord.Participants[].User.DisplayName == "External user" for any external user, however i can retrive tenantId and userId, but still cannot get user's profile because my app has to have Directory.Read.All permision in that tenant, and it's not possible for every tenant.
PS. I can setup MSTeams to do not allow guests or external users, then it works partially well, because each user has to have Teams license assigned, and there is NO login page appears during joining a meeting, just an error page saying that meeting does not allow guest or external users, so the user should find a link to login to a tenant, which is not obvious in MSTeams Web Client, but possible.
PSS. In the Microsoft Teams admin center, i've checked the calling history of an organiser for a meeting with 1 guest, 1 tenant and 1 external and here it is:
Seems for guests, displayName is not stored at all, however for an external user there AAD email is stored (this is AAD guest user ie has '#EXT#' in his principal name, and has the same email as on the picture), however i'm not sure from where it resolved from by Azure - either from external tenant AAD or my tenant AAD for external user, because Azure has access to both.
So, maybe you know a method to get attendees and their times in a meeting call ?
Thank you for your suggestion/advice/reply !
Thanks for reaching us!
Teams by default generate attendees report and meeting report after completion of meeting call. We can able to see the list of attendees and the report. But at present we don't have any API to fetch list of attendees and their timings.
As this feature is not available at present, could you please raise an UserVoice if this needs to be consider as a future request.
I would like to create a webservice capable of automatically sending messages in Microsoft Teams. I tried authenticating as an application, but currently Microsoft does not support granting application permissions to send messages in Teams, so the only choice here is to authenticate using a service account with real credentials (Unless there is another way?). This method only specifies using user interaction to log in as a user.
I would like to use a service account teamchatbot#domain.com to authenticate with Microsoft Graph in order to send messages on Microsoft Teams. (similar to this but since I'm not accessing a resource it is a little different.) Is there a way I can silently obtain an access token on behalf of the service account in order to send messages?
It seems that you have a misunderstanding.
Your scene is actually the same as this post.
You should use Resource Owner Password Credentials to call Microsoft Graph API to send messages.
Based on permissions, you need the Group.ReadWrite.All delegated permission. So you need to add this permission into your Azure AD app firstly.
Don't forget to click on "Grant admin consent for {your tenant}" after you add this permission.
Then you can get an access token like this:
You can see that https://graph.microsoft.com/Group.ReadWrite.All has been included in the response.
Now you could use this access token to call POST /teams/{id}/channels/{id}/messages.
There are a few other ways I can think of.
1) One is that you can create a Bot using the Microsoft Bot Framework, and once that bot is installed to the particular team, it can send "pro-active" messages (i.e. not a message in response to a user's message, but rather whenever you need).
Essentially, when you bot is added to the team, you get access to a specific event in your bot (OnMembersAdded for a general bot, and there's now a new event just for Teams). See more on this in my answer on Detect bot application open event. In this event, you get the information you need for later, which you can store in a database or wherever, and then create the message as if it's your bot posting to the channel. You can see more on that at Programmatically sending a message to a bot in Microsoft Teams.
This option above is a lot of work, but useful if there's other functionality you want from a bot (e.g. the ability to receive messages from the users)
2) Another, and even more simple way, is to create an incoming webhook directly to the channel. Here's a post on doing this using PowerShell, so you can do that for simple testing and extrapolate from there for Node.
Of course, things like Flow (Power Automate) are an option too, but you're already writing code so one of the above is probably easier.
Hope that helps
I want to send web push notifications to registered users, are there any best practices on how to implement the cases when multiple users have access to the same device and one should not see the message of another user.
Thanks in advance.
A web push notification subscription is tied to the browser, not the device.
What you need to do is, map this id with your registered user when he logs in from a particular browser. Also, you need to remove the subscription id mapping with any other users in the system.
In the case of multiple users using the same browser, the above logic will make sure that at a time, a particular browser subscription id is linked only to a single user.
And when you want to send a notification to a registered user, you can retrieve all push subscription IDs linked to this user in your database, and trigger notifications to those subscription IDs.
And don't forget to unmap a subscription id when the user logs out from a browser. Otherwise, he will continue to receive all notifications even if he has logged out.
I want to sync google calendar with my app.
When user add some event in the Google calendar at that time, I want these new event in my node server response
Means live sync with google calendar.
I want something like listener that listen new event.
With Google Calendar API you can watch for changes to Events or CalendarList resources, see this and this. Basically you will need to create an endpoint on your server which will receive events/calendars update notifications. When notification arrives, request a calendars/events synchronization. To make the synchronization efficient, use incremental sync. Check this question also to see the algorithm.
You may check this Quickstart tutorial and node-google-calendar.
You need to create a service account if you don't have one. A public/private key pair is generated for the service account, which is created from the Google API console. Take note of the service account's email address and store the service account's json or P12 private key file in a location accessible to your application. Your application needs them to make authorized API calls. If a user wants to give access to his Google Calendar to your application, he must give specific permission for each of the calendars to the created Service Account using the supplied email address under the Google Calendar settings.
I'm using the google calendar api for a calendar web app. My app allows users to create and modify calendar events and it syncs these changes with user's google calendars. I recently noticed that when one user creates an event and invites another user to that event, that invited user can only change the topic of the event for his/her calendar, not for all the other participants. I would like one user's changes to be reflected on the google calendar's of all the other participants. Google Calendar's website provides an option for allowing guests to modify the event:
but I wasn't able to find where I could specify this option in the google calendar api. How can I use the gcal api to set guestsCanModify to true when an event is created?
2021 update:
Just set the guestsCanModify to true in Event object
https://developers.google.com/calendar/api/v3/reference/events
That is probably some Google magic in the Google Calendar website. If you check the documentation for Events.insert There is nothing about granting attendees permissions on the event. It would appear that you can only add a user to a calendar but not limit their permissions in anyway with regard to events.
However I think that is a new feature which makes me think it might be something they will be adding to the API in the future. It would be nice if they did.