I need retrive WEB Account instead of SYSTEM user - spotfire

Into spotfire, I need identify the user who is logged in the web browser not the system user.
What variable I can use ?
This is the script I use for the SYSTEM user
from System import Environment
Document.Properties['userName'] = Environment.UserName
Show web user in a variable

You can use %CURRENT_USER% in information links. I only say this because usually when people want to know who is logged in, it's to limit the data that's being returned based off what the user can see. This is called Personalized Information Links.
For scripting, you can use this:
from System.Threading import Thread
print Thread.CurrentPrincipal.Identity.Name

Related

Detecting if user came from whatsup/viber/skype

Is it possible to determine if a user came to your site by clicking a link shared in whatsup, viber or some other popular messenger?
They usually do send request to shared link so that they get metadata to display, and that can be determined through the user agent. However, when user actually clicks on link, unless messanger has browser built in, user agent is whatever browser they opened it in.
Using apache/nodejs/vuejs
Apparently, it is impossible. When a clicked link or programmatic request invokes a web URI intent, an OS allows the user to select an app from a dialog where it can be opened. So it doesn't add any additional information to the link while opening.
Probably make sense to consider generating unique links for every application so that you know where the user comes from.
https://hostname.com/home?userAgent=skype
https://hostname.com/home?userAgent=facebook

How to track last login date for IBM Domino web user?

Does IBM Domino track the last login date for web users(UserName/Password and internet certificate)? I know the access logs contains this information but wanted to know if there may be something built into Domino (maybe in Address Book). Trying to come up with a method to disable web accounts that have not accessed a domino server in a specified time period.
Thanks,
Kev
The User Activity area in the Database Properties picks up from the log.nsf, which is where this information is stored. But, typically, the log.nsf will only have a few days' worth of information. When I've had this requirement before, I've manually captured it via a custom login page or an initUser function I've had in applications.
One of the easiest solutions is to trigger an action from a live web page that generates a database.nsf?openagent event.
like:
or
Ideally you've use the openagent to print a content type and a response, but if you don't browsers do pretty well with invalid responses from servers.
inside your "myagent" you will have the users name available to you to write it to a document.
Your next challenge will be in getting the agent to trigger, but, not too often, ideally only on login.
When a user uses a custom login form it submits the username/password and redirection url in POST method. You could change that to ...?openagent&nexturl=/blablabla.nsf
Your tiny little agent would run one and only one time upon login and update a document in a your custom logging database.
That's a developer's solution.
There are also admin solutions. The server does keep track of active web sessions, but, it does not drop them into the log.nsf like it does upon session ending for a notes session. I don't think it would be too much work from an admin standpoint to get that information there are a lot of event triggers available to you. It's just been way too long since I worked on any server that anyone cared about statistics.

Nestuite: Suitescript variable for logged in or not?

I have a web store (Suitebuilder) and I've got a specific vendor that only wants us to show prices when a customer is logged in. All other vendors allow prices to be shown regardless. Is there a suitescript variable that lets me know whether someone is logged in that I can use to customize a template based on a specific vendor and whether someone is logged in?
Not sure but below are some approaches
var isLoggedIn = "<%=getCurrentAttribute('customer','entityid')%>" != "";
You can check for the logged in customer email in your script to confirm whether is there any actual login or not.
Also you can try nlapiGetLogin if you're using any suitelets for custom login functionality
nlapiGetLogin()
Returns the NetSuite login credentials of currently logged-in user.
This API is supported in user event, portlet, Suitelet, RESTlet, and SSP scripts. For information about the unit cost associated with this API, see API Governance.
Returns nlobjLogin
var login = nlapiGetLogin(); //Get credentials of currently logged-in user
If you are using more like a SSP application then probably you can try this out
<%
var shoppingSession = nlapiGetWebContainer().getShoppingSession();
%>
You could try detecting a cookie, then alter the page layout using JS or CSS to show different prices. I don't know them off hand, but there are Cookie values that let you know when a customer is logged in.
There may also be some URL parameters you could detect, but I can't remember them.

How to know if the SPUser is a "real" user or a system user like "search"?

I have built an http module that detect file openings. I don't want any alert to be raised when the file is crawled by a system account like 'search' for instance. I have tried to use isApplicationPrincipal and several others but it didn't work.
How would you do to keep only track of "real" users modifications ?
Thank you
The SharePoint search index crawler uses "Robot-something" as HTTP user agent. I don't know what the exact string look like, sorry for that.
You can check if the HttpRequest.UserAgent property contains "Robot":
if (HttpContext.Current.Request.UserAgent.IndexOf("Robot", StringComparison.OrdinalIgnoreCase) == -1)
{
// Code that runs for real users only.
}
Have you tried to use SharePoint Audits? They create a report when a user opens a file. And they are able to track file openings not only in the web site but in clients applications too.

How do you implement users and group security in a web application?

using php if that matters.
If you create a website that has users and groups. Where do you put this in the web application? Do you just put a function at the top of every page (pseudo):
if someone is in a group then they can see this page
or
if someone is in this group they can see this button
That sure seems wrong. I wouldn't want to edit the web app code just to change who can see what group-wise. I'm not sure what I should do or how to implement something like this.
Thanks.
In MySQL, I always create these 4 tables: users, user_groups, permissions and user_groups_permissions which are linked using Foreign Keys.
So, user A can be in a user group B, which this user group permissions are in user_groups_permissions.
Now, I just do a INNER JOIN on this 4 tables (or better, three: users, user_groups_permissions and permissions), the results are permissions that user have. all we need is selecting permissions.key by INNER JOIN.
Now, before processing request, I need to check that Client::has_permissin('send_post') returns true or not. And better, also on top of each user-group-related function.
Note: Client is a class that loads all user permissions just one time, before processing request, and then uses that permissions for whole request-life-time, without needing to access to database several times in that request. Use static methods and $permissions property for this class so you never need to send it's object over your applications classes/methods/functions :)
You can have a utility function which takes user id and group code and return true or false.
You can use that utility function as pseudo at the top of each page and the same function also be used to hide or show sections in your page.
If your web application is in MVC, embed user authorization logic in your controller.

Resources