I am trying to get the userid of the user that has triggered the build and use it as a parameter some where in the build file. Just like we can use ${CCNetProject} to get the project name. Is there a way I can get this information in Cruise Control .Net?
You can access the user via environment variable CCNetUser. Find more information here.
Related
I have this weird problem when I try to use a simple default flow template to save email attachments to the company main SharePoint site: company.sharepoint.com (not subsite).
So I get started, by taking all the defaults of this flow, however, once i get to the point of providing the site address and document library path I get the error highlighted in red.
Where I get confused is that when I create a subsite like company.sharepoint.com/sites/testsite I enter the subsite address and the folder path automatically populates the folder structure for me to pick where I want to save such attachment.
I have given full owner permission to this test account with same results. So permission is not the problem.
My question is, could it be I'm using the wrong flow to save to a main SharePoint site? or this is something not allowed?
You could check the connector and recreate a new connection to SharePoint.
In many cases, an error code of 403 appears in a flow fail because of an authentication error. If you have this type of error, you can usually fix an authentication error by updating the connection, please make sure you have update the connection.
You could refer to this article.
Just in case anyone has a similar problem, the account to which you are creating a power automate flow must be a site collector to the root SharePoint site.
I am pretty sure my understanding is correct but since I cannot find any Google documentation that explicitly highlights this I wanted to ask here.
Per https://developers.google.com/apps-script/guides/triggers/installable:
Installable triggers always run under the account of the person who created them.
And we know that when you create a trigger it will ask to authorize for all the scopes the script uses.
Then, that means that anyone with edit access to the script could leverage the Google identity of the user used to create the trigger to access the scopes the trigger is authorized for.
For example:
User 1 creates a Google Apps Script that uses GmailApp to send an e-mail
(i.e. GmailApp.sendEmail("one#example.com", "test subject", "email body");)
User 1 creates a trigger to run said script every hour and authorizes it with the appropriate GmailApp scopes
User 1 gives User 2 edit access to said script
Now, User 2 can go into said script and make changes to the code and access User 1's Gmail account. For example, user 2 could change the code to:
var emails = GmailApp.search("search string to find sensitive emails")
// use GmailApp.sendEmail to forward those details to someone else like User 2
All they would have to do is make changes to the code and save; they wouldn't need to re-create the trigger since it already exists. And the next time the trigger runs it would run the newer/updated code.
I was able to confirm this behavior by creating a test script on one of my accounts and giving another account edit access.
So my question is, what is the official/recommended way to mitigate this risk? The obvious answer is to not give anyone else edit access but what if that is not an option -- what if for support purposes multiple people need to be able to access the script, then what?
As you say, the only official/recommend way is to limit editing access to trusted persons.
In your particular example, User 1 could have chosen MailApp instead of GmailApp. The two seemingly redundant services are available separately because MailApp has very limited privledges exposed compared to GmailApp. (For instance, User 2 cannot search the victims Gmail with the MailApp service.)
You can collaborate while avoiding giving direct access to your script file using clasp and git. Only you push with clasp to the script. Everyone else submits changes through git. You can setup the system to be fully automatic (i.e. a git push triggers a clasp push) or manual (i.e. you review all changes first), bit either way you have good records of who did what, when with git.
There's inherent trust when you provide edit access to the script project. You either trust the person or don't trust them. There's no inbetween.
Some "theoretical" ways you may still protect the data:
Create and use different Google accounts.
Install Triggers at the specific deployment/not at Head:
Possible only if done manually. Installable triggers created programmatically can only be used at Head
When you deploy a web-app/api, You can deploy it a specific version.
This deployment version can then be provided, When you create a new trigger for a project here.
There is no need for a working web-app/api. We're only looking to get a deployment id.
In this way, even if user changes the script, your trigger will only run at the old version deployed.
Deployed versions can be seen at Publish> Deploy from manifest.
As the previous answer states, git would be a better call.
For all practical purposes, any data you share with a malicious entity should be considered compromised.
I need to extend my Backoffice login form and add two new fields to it. Then I need to access the login info in my Java code.
Extending Backoffice Login Page says I need to use LoginInformationHandler.
I haven't found information on how to do this. Should I inject it as Spring bean? I can't see configuration for it in spring-xml files in my application or OOTB. The only constructor available needs TypedSettingsMap loginInfo, which would just create new LoginInfoHandler or something like that.
So, what's the solution for this?
Yes, LoginInformationHandler is a service that you can inject into your service / facade.
Then, you would need to get the data like this:
loginInformationHandler.getLoginInformation(“tenant”);
Into spotfire, I need identify the user who is logged in the web browser not the system user.
What variable I can use ?
This is the script I use for the SYSTEM user
from System import Environment
Document.Properties['userName'] = Environment.UserName
Show web user in a variable
You can use %CURRENT_USER% in information links. I only say this because usually when people want to know who is logged in, it's to limit the data that's being returned based off what the user can see. This is called Personalized Information Links.
For scripting, you can use this:
from System.Threading import Thread
print Thread.CurrentPrincipal.Identity.Name
Is there a way to programmatically find app's id based on a name or some other criteria?
I have an extension that needs to exchange some data with an app. However, in order to send a message to the app I need to know the app's id. How can I get the id without any end user involvement?
I think I could hard-code the app's id into the extension but I'm not sure if this is the best option. In order to do that, I would always have to publish the app first, find its id, hard-code it into the extension, and then publish the extension.
Would this work? Are there better options to accomplish the above?
Thanks.
There is a way, but it's too heavy to be justified in a regular extension: chrome.management API. To be able to find out your app's ID with it, you'd have to make sure that the app be already installed by the user before the extension makes a query. In addition, such a permission may be hard to slip by more savvy users.
Hardcoding is your best option. The good news is, your app's ID will be fixed after the initial upload and will never change with subsequent uploads.