Retrieving files from blog media entries - ibm-connections

The tool I'm building needs pull data from IBM Connections Ideation Blogs. I therefore use the Connections API with basic authentication to read Blog Entries. This goes well until the description contains images. When I ask the API to provide media resources for the blog, it does not show any entries of the /BLOGS_UPLOADED_IMAGES location - the one containing images uploaded through the blog's richtext editor. The user I use in my API call is the same user who created blog entries and uploaded pictures.
However the API call DOES contain images I publish using the API and a POST request to the blog's media entry collection. This is where the next problem appears. Those Atom entries for images contain various links, one of them with a ref="enclosure", of which the API documentation (link) tells me to "Use the web address in the href attribute to obtain the binary content of the file". However, my calls to this adress are always answered with 404 response code.
Another url in the Atom entry (this time of the element) is described by the same documentation (see link above) as: "Provides access the document's media. The following operation is supported: GET: Use the web address to obtain the media." When I make a call to this url, as always with basic authentication credentials attached, the response contains the html of the login form of Connections, so API authentication does not seem to be supported on this url. This is only the case for non-public communities, which require authentication, of course, if the picture is publicly availabe all works just fine.
Am I missing something out? Is there another way to retrieve the actual image from a blog's media entry through the API? Are manually uploaded pictures never contained in the media entries result or is this a bug?

It now magically works using the link with ref="enclosure" from the atom entry. I might have gotten something wrong with authentication I guess (although I'm not actually realizing what I'm doing different now than I did before).
Problem remaining: Pictures uploaded through the rich-text editor in the folder /BLOGS_UPLOADED_IMAGES do not appear in the media feed of the blog.

Related

Using Microsoft Graph API to Query Certain Sharepoint URIs with .aspx Extensions

I have a question about sharepoint combined with the graph API. I'm trying to do a GET request against a sharepoint site, but it doesn't populate when the url has a .aspx extension. For example if I do 'GET https://graph.microsoft.com/v1.0/sites/hostname.sharepoint.com:/sites/blablabla/UK' this populates a response fine, but if I do 'GET https://graph.microsoft.com/v1.0/sites/hostname.sharepoint.com:/sites/blablabla/UKDTAppKZ/something.aspx' then I get a 404 error suggesting this site doesn't exist... Could I get some clarification on how to use graph GET queries with sharepoint urls, specifically .aspx extensions?
In your first URL you're accessing the Site object for the /sites/blablabla/UK sub site, so you should get back a valid site object (assuming the URL is correct) as you indicated. To access the files in that site you need to access the Drives (Document Libraries) and then get the children or the specific item you're looking for. So the URL would look something like:
Path support isn't always consistent right now so wherever possible I like to use IDs if I know them.
So with an ID it would be:
https://graph.microsoft.com/v1.0/sites/HOSTNAME.sharepoint.com,SITECOLLECTIONGUID,SITEGUID/drives/DRIVEID/root/children
OR
https://graph.microsoft.com/v1.0/sites/HOSTNAME.sharepoint.com,SITECOLLECTIONGUID,SITEGUID/drives/DRIVEID/items/ITEMID
For Pages specifically though I would take a look at the Beta Pages API we added recently. If you want to do any operations (like publishing) to the page you'll want that API instead of the basic drive API.

Twitter api doesn't send media element with timeline

So I am using the twitter node module and twitters rest api to fetch timelines.
All works well, except that attached images do not get sent with the response.
Even after I added "include_entities: true" to the options object.
I'm talking about an image directly attached to a twitter post, links get displayed just fine.
I simply can't find a way to get it to display, any help is appreciated.
Every tweet has a Media Entity attached to it. You need to find the Media Id and then get the URL from -mediaURL. The below picture shows the full object model.
PC : https://www.visual-paradigm.com/tutorials/rest-api-design-twitter-example.jsp

String decode extracted from web log

Working on log analysis, I found a string with odd syntax and contents, by parsing page field of web log (a webshell?):
/campaign/(f(2ewt_ygmarlagti7sw4tvhj0zk17klgxnhnk1aawgtixm5x-2qmvsvouolvaffrhitumf4wnk496p2dbzmkc3ywfloksiixdtrlawmt78f_mg-45kdzzpdlnogeishkcgtohttp://www.facebook.com/externalhit_uatext.phptelf6gqmu2ia0i1j5lfgmcvw1))/home/index
Could someone guide me how to decode this string and find a clue ? Also why is the following:
http://www.facebook.com/externalhit_uatext.php
included in the string?
I am quoting https://www.facebook.com/externalhit_uatext.php
Facebook allows its users to send links to interesting web content to other Facebook users. Part of how this works on the Facebook system involves the temporary display of certain images or details related to the web content, such as the title of the web page or the embed tag of a video. Our system retrieves this information only after a user provides us with a link. You may have found this page because a Facebook user sent a link from your website to other Facebook users. If you have any questions or concerns about any links or content sent by one of our users, please contact us at legal#facebook.com.
My guess is that someone posted a link to your website to Facebook and someone clicked on that link (visited your website through that link). The (probably) encoded stuff seem a bit random though. If I were you I would either post a link from my website on Facebook, click on it and see if I get something similar. If it doesn't look like that, I would contact legal#facebook.com to clarify whether it is linked to them.

Tumblr.js official javascript/node API "link" posts with image, title, body

I'd like to be able to post link posts on a blog exactly the same way as if you were to go on the regular user interface and choose a "link" post and paste in a URL. It automatically grabs the image, sizes it, sets the title and a body/caption.
How do I go about doing this with the tumblr.js api wrapper?
I already have the API working so I do not need to know how to connect/post link articles. I am specifically interested in being able to add link posts that look/work exactly like the link posts you make as a regular user on their web interface. Using the API to do a link post just throws in the title. Using a photo post doesn't allow you to do a separate title/body. I'd love it to look like it does on the website when you paste in a link post and have the tumblr api/feed return it the same way too.
I got a response via github issues that explains that what I was attempting to accomplish is not available via the API. It can only be done using a tumblr client.
https://github.com/tumblr/tumblr.js/issues/41#issuecomment-135588952

xPages xAgent Security

I'm currently implementing the OpenNTF Multiple File Uploader by Mark Leusink.
This very nice custom control uses an xAgent to embed the selected file attachment into the target Notes document. Everything was working fine until I added Authors and Readers fields to the Notes documents. Now I'm getting a security error (402) when uploading the file.
My thought is the Upload xAgent can't edit the target document to attach the file. If I remove the security fields, everything works again.
My question is, do xAgents run with the same security as the current user? If not, can I set a "run as" user for the xAgent like I can for a Lotus Script agent?
I'd suggest that you look at the xAgent's code and rewrite it to use sessionAsSigner to access the database/document to upload the file. This will cause it to run as the signer of the application and bypass the security issues that your running into.
Both Tom's and Declan's answers are correct, but this doesn't count for the file uploader.
It uses a Flash component to do the actual uploading (called SWFUpload). Since browser cookies aren't shared with Flash, it can't send along the user's session cookie with the file and therefore to the Domino server the user performing the upload is nog logged in (aka Anonymous). That's why the uploader requires anonymous users to be allowed to read/write public documents in the ACL and the XPage/ XAgent handling the uploaded files (aUpload.xsp) is set to allow "public access users". It uses the sessionAsSigner object to access the database's content
Normally, the above settings would allow everyone to anonymously upload files. That's why I implemented a custom authentication solution based on an idea by Mark Barton: before every file is uploaded, a request is made to an XPage to retrieve a unique key. That XPage (aGetAuth.xsp) does run under the user's credentials and stores the key in a document in the database. This key is send along with the uploaded file and compared with the stored key. The upload is only allowed if the keys match.
First thing I'd check in your case if the code in the aUpload.xsp XAgent can read and write the target document using the sessionAsSigner call.
Mark, Declan, and Tim, thanks for jumping in.
I modified the xAgent **aGetAuth.xsp** to use sessionAsSigner to get the current database. At first I got the error "sessionAsSigner not found".
Google showed a quick answer was to re-sign the template before testing. After re-signing the template, twice, and preforming a "clean" everything works brilliantly.

Resources