According to this answer (and comments) gnome-contacts is where contacts are centralized for Gnome and it does a good job of aggregating via telepathy, but the only way to access that information seems to be the Gnome Shell search provider which only provides an avatar and a name. I've been struggling to duplicate portions of gnome-contacts in gjs but having tons of trouble with the bindings.
Is there an easier way to achieve this, or is it possible for me to generate vapi/gir binding for gnome-contacts itself so I can use it like a library?
Possible Alternate Solution:
Using libfolks in GJS is currently blocked by Bug #694115, but for those only needing Google Contacts it is possible in GJS via GData and you can even use Gnome Online Accounts as an authentication source, if available.
Use libfolks, which is what gnome-contacts uses internally to source its data. libfolks should be usable via gjs, although this has not been extensively tested, so there might be binding issues.
Please report any binding issues here.
Related
I am writing a desktop app using PyQt5 which uses the Wordnik API to get word definitions. I do not have server-side access, nor do I wish to invest in acquiring it. Is there any way I can reliably hide my key so I can share my program on GitHub?
At the very least you could store your API key in a separate source file (which you would exclude from the repository via .gitignore) and check for exceptions while importing that file (see this), alerting to provide own API key if that fails.
Storing the API key in a non-source configuration file is another option, but then your worries are in storing that file in a way that is not accessible to the end user of your application.
Unfortunately, no, our Wordnik terms of service don't allow for sharing keys where they are accessible by end-users. If your app is noncommercial you can share instructions for users to help them apply for and add their own Wordnik keys to their copy of the application (and this also helps you, in that your key won't hit our API limits based on your users).
If this is a commercial application, please get in touch with us (apiteam#wordnik) with more details about your use case as we are looking into how to make this easier. As a small nonprofit with limited engineering resources we can't promise a quick solution but since our mission is to find & share every English word we're always interested in learning more about how folks are using our API. :)
Thanks for using Wordnik!
I'm a novice mturk user. I created HITs for crowdsourcing using external question hosted on a server. I wanted to know if there is a web interface where I can see progress of my HITs. I tried looking at the https://requester.mturk.com/manage and https://requestersandbox.mturk.com/manage. But I cannot see the HITs programatically created using boto3. Should I look somewhere else? If not what's the way to get this information?
I share your pain right now. As of June 2020, this situation hasn't changed. HITs that are NOT created through the MTurk web interface STILL do not display on the web interface. It's terrible. We have 3 options for seeing and managing the HITs:
Use scripting and boto3. <-- Best option for now.
Use the AWS CLI.
Use the AWS shell (aws-shell).
I think the best option is to make scripts that do exactly what you need. Chances are you'll need to do things more efficiently than you could using the AWS CLI only. aws-shell isn't easy enough to use, and it also looks unsupported for over a year at this point (judging by their official github issue tracker).
For what you're asking specifically you'll need to use the method list_hits() and possibly list_assignments_for_hit(). See https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/mturk.html
Also I'm very new to this, so if it sounds like a barely or only sorta know what I'm talking about, that's correct. But I also wished there had been a straightforward answer to this question a couple weeks ago when I was sitting here dumbfounded.
I'm looking to write a unified email and messaging program. Supporting IMAP, POP, and SMTP are all pretty easy - the protocols are well documented and easy to come by.
Exchange has a SOAP API documented here, whereby you can write an Exchange client which talks with Exchange servers.
I'm looking to find out what protocol IBM (Lotus) Notes uses and how I can go about writing a standalone application which can send and receive mail. (Standalone is a key part of this - I've seen various things about automating the existing client, but I'm looking to write a new client, so I need to know what protocols it uses.)
Language is unimportant to me at this time. I'm leaning towards Python for the project, but I'm still at an exploratory stage where I'm trying to determine what frameworks exist in any language to help me write this.
That's a pretty interesting topic! There are two ways I can think of that provide mail-oriented abstractions, and two that allow you to access mail files as databases directly.
To start out with, and this is very likely the expedient route to take, Domino supports IMAP. It's far from perfect and it's not likely to improve, but it does more or less work for mail access. Not every server has it enabled by default, but it's not terribly difficult or unusual for an administrator to do so.
Recently, the Extension Library has added a JSON-based mail service that purports to provide a pretty friendly API for many operations, but is not complete - for example, it doesn't seem to cover a user's custom views or folders.
Depending on the depth of the project, then there are the routes for accessing the server using Domino's database API, which would be the most flexible but would involve far more hurdles.
The core protocol is NRPC, which, to my knowledge, is only implemented in the core Notes library. As Stan said, it's heavily tied to the presence of an ID file (server or user) and uses that for its encryption. With some setup, you could have that library and ID present and then use the C functions and structs on a platform it supports. This route would give you the most functionality (there are a number of C-level functions to assist with converting between Notes's document representation and MIME).
Alternatively, there is a remote-access protocol called DIIOP that can be used to access a remote Domino server using UN/password credentials via Java objects. This is not enabled for every server, but it's not terribly uncommon, and isn't that hard to enable. You wouldn't have access to all of the C API's functionality for edge cases, but this would cover a lot of ground.
If you want to work in Python, and you are willing to limit yourself to just the most recent versions of the Lotus Domino server, then I think that you should consider using the REST API that is known as the Donmino Data Service. Here's some on-line documentation.
I'm trying to secure my play application but I have no idea where to start. In play tutorial I have not found any chapter about that topic. As far as I see security topic is changing between play versions. So what are You guys using to secure Yours applications.
I'm new in Play so please forgive me if I'm asking obvious questions.
Edit:
Ok, maby question was't clear enough(I'm really sorry about that). When talking about security I mean that I need something to deal with users credentials and tool which allows me to restrict access to some pages and eventually to some rest actions in my application.
Edit2:
I'll try deadbolt2 now and we'll see how does it works. But I still encurage You guys to share Your knowledge about Play security with others:)
The documentation seems to still be a bit lacklustre on this topic, but essentially, authentication/authorisation functionality is usually performed using Action composition, which is the basis of reusable controller code in Play. There an example here (also linked from the docs that should help give you the general idea.)
Action composition in Play 2.2.x is done using ActionBuilders. These take a block which accepts a request and returns a Future[SimpleResult]. This allows the action builder to either execute the given block, or return a different Future[SimpleResult] (say, an Unauthorized in the case that a user's credentials did not check out.)
In our app we use the Play2-auth module for handling authentication with session cookies. This has (just) been updated to work with Play 2.2.x but uses a slightly different mechanism for action composition (stackable controllers.) You might be best off working out how the precise functionality you need can be accomplished just using the native framework tools before adding a dependency to it.
I agree with the other answers but just add that I use securesocial to integrate with other auth providers (google, FB, etc...), so I don't have to do auth myself. It's quite easy to get up and running.
https://github.com/jaliss/securesocial
Access control, security, etc. is a very wide topic, because it means very different things depending on context. This may be one of the reasons why Play has little documentation for it, which puzzled me at the beginning as well.
Play2 has some security helpers, namely it's the Authenticated method, for some insights on how to use it, check the comments in the source code. Its a simple method that you could implement yourself, and most do. It, essentially, just proposes a structure for where to place your methods that would check if request is authenticated and what to do if it's not.
Play2 also has some cryptography logic, which is used for signing cookies.
That's about it, you don't have any more pre-built security structures, but that's a good thing, because you don't want the framework making decisions like that for you, if it doesn't know in what context it will be used.
What is essential is to go and research how attacks relevant to your application are carried out, best practices and so on. I recommend going to OWASP, particularly the OWASP Cheat Sheets. If the list of Cheat Sheets seems intimidating start with the OWASP Top Ten Cheat Sheet. Don't mind the large volume of information, it's very useful knowledge.
When using some existing forum software in a larger web-site, how easy is it to:
1)Make your site's login functionality log the user into the forum
2)Make your site's registration functionality create forum login data
I suppose in a way it might be easier to ONLY use the forum's database for maintaining users, but that means trusting it with sensitive data.
I'm planning an integration between an existing bespoke desktop app and a new bespoke web-site which should include forums. I don't know which forums will be used but I know the new web functionality won't be PHP-based. I figure that's not a big deal but I'm wondering if forums typically allow configuration of where they look for login data, to avoid duplicating this data into my DB and the forum DB.
It's usually pretty easy, but it completely depends on the Forum software that you choose.
I've written systems in both PHP and ASP.Net (C#) that integrate with phpBB or vBulletin databases.
The login functionality is the easiest part to implement because the hash is stored in the DB (usually a salt will be too), and you just need to check one field to another and voila you can authenticate!
The registration of users is a little more difficult.
The way I did it was browsing through their source code to find out what SQL commands were necessary during the registration step.
So, depending on the forum software you choose, the difficulty will change, but overall it's not to difficult to make happen.
I would offer you snippets on how to integrate with PHPBB and VB, but since those are both PHP based, you said you weren't going to use them.
You are actually looking for a Single Sign On feature, that is integrated in several forum softwares, like Simple Machines and JForum for example.