Disable the Layer Preview in Geoserver - geoserver

How can I remove/disable the Layer Preview link in Geoserver? I don't want normal user to login their account and go to Layer Preview to download the data, such as geojson data. I can't disable the WFS as well, i need to use WFS method. Can anyone give me some advise?

From data under security section in the far left bottom, disable read access for whatever role you want. Add new security rule, choose a path -Workspace + Access mode(Read, Write)- and assign role to that rule.

Related

How can I enable user to dynamically set logo in Apex 5?

I need to allow the user upload a number of logos and select a default, that will then become the logo that's shown at the top left of the screen.
Usually the logo is a static application file, so is there perhaps a way to make changes to those by the user? Or to set a static file as a select statement?
I also tried setting an application computation to set an application item but couldn't get that to work.
This is my first question on SO. If I'm asking something stupid, please go easy on me. Thanks.
The way to solve this problem is to give the user a page for him to upload and manage the logos. (save them in the database)
Then create a RESTful Web Service that returns the image of a selected logo,
and use the link of the RESTful Web Service as the img src link.

How to enable cross origin resource sharing (CORS) in Cesium Sandcastle for Geoserver WMS Get request

I am trying fist to test and practice in cesium sandcatle with my data on localhost:8080 geoserver.
This picture will explane everything
Also, i want to ask, "how to get a list of GeoServer layers loaded into the Cesium BaseLayerPicker"
From example http://localhost:8080/geoserver/masterrad/wfs?request=GetCapabilities give XML file, with possible layers in workspaces 'masterrad'. How to extract names from that XML and put in BaseLayerPicker
Thanks
I think this may be two unrelated questions, but I'll try to answer both.
You can enable CORS in Geoserver using the CORS Filter plugin:
http://software.dzhuvinov.com/cors-filter-installation.html
As for your second question, Cesium does not have built-in support for querying WFS GetCapabilities, but TerriaJS does:
https://github.com/TerriaJS/terriajs
TerriaJS is an open-source library built on top of Cesium that was originally developed for Australia's NationalMap and has since been used for a lot of other projects. TerriaJS also has a fallback to Leaflet for systems that can't run Cesium. Once you have CORS working on your server, visit nationalmap.gov.au (a site running TerriaJS), click Add Data, enter your WFS URL, and you should see all of the server's layers appear at the bottom of the Data Catalogue.

Javascript Application Key Issue

I'm using parse to store high scores for an app, the website for my app is displaying the high scores in a leaderboard.
How can I make the javascript application key only have read access?
I want to prevent anyone from grabbing the key and start updating/changing/destroying my data. I am looking for a way to prevent this.
Thanks for your time.
What you need here is Class-Level Permission
Browse to your class in the Parse dashboard
Click on Security button
Untick Write to prevent public non-read access to your data
Check the link for more information.

Using Spring Security in Grails to restrict content access

Let me start off again again by saying that I am still new to Grails and Spring Security. I have been doing my best to sift through the documentation and examples and samples. It all has made me a bit confused or overwhelmed.
I am trying to use Spring to manage user access to information. I have a site framed. I want the admin to be able to add people, locations connected to the people and images of the locations. The picture is connected to the person. I want the people that log-in to be able to see their pictures, only.
Is it better or best practice to do this with sec tags or #Secure annotations or a combination? Which is the most secure? I have restricted access using sec:tags. Is there a sec:tag I can use to select the pictures to be displayed?
I think you can look at this in a simpler way. There are basically 3 ways to manage security with the basic plugin install.
#Secured - This allows you to lock down access to an entire Controller and / or individual actions. Think of this as locking down a URL to a specific set of roles. Changes to this level of security will require a redeploy.
Request Map - You get the same benefit as #Secured with the added bonus of being able to modify Controller / action security in a running environment vs having to do a redeploy.
sec tags - These allow you to lock down the rendering of views. For example, to allow an edit button to show up for one role while hiding it for another role. The sec tags are used in combination with the above methods.
That's really basically it. None of the above are more or less secure than the other. What some people seem to confuse is the concept of "my data" and how Spring Security handles that. If, in a Controller, you want a user to be able to access only their "pictures", you should just query for "pictures" based on the authenticated user.
def authenticatedUser = User.findByUsername(springSecurityService.principal.username)
def pictures = Picture.findAllByUser(authenticatedUser)
The view then only cares about what pictures you sent to it. Each logged in user will then only see their pictures. If the admin is logged in, and needs to see ALL the pictures, you might do something like this:
def authenticatedUser = User.findByUsername(springSecurityService.principal.username)
if (SpringSecurityUtils.ifAllGranted("ROLE_ADMIN")) {
def pictures = Pictures.list()
}
However, I'd probably just have a separate Controller for administrative purposes versus trying to do too much logic in one Controller. Or, move the logic to a Service.
Hope this helps.

How to get data out of entity in script in CRM 2011

I have 2 entities (for this example) in CRM 2011 - Account and Case. The Account holds all of our clients, the case holds individual work actions for an account. When a case is created one of the input fields is the Account.
What I would like to do is upon the user selecting the Account, execute some javascript to look up the account entity to display some additional information.
So far I have got the javascript working that triggers the onchange event of the Account field, and it correctly gets the selected Account, but I don't know what the next step is.
I'm new to CRM so don't really know if what I'm asking is actually sensible, if there is a better way then please let me know.
Thanks!
For the record, the way you were thinking about doing things would be completely supported, and TechHike's method is supported in CRM 4, not CRM 2011. Steps you would take:
Use CRM 2011's web resources to upload a script file that does what you want.
Use the form editor to make your javascript method from step one fire when the Account field changes on the form
Make a request to CRM's REST endpoint (http://msdn.microsoft.com/en-us/library/gg334767.aspx) to retrieve the details of the account selected
Use the results to populate fields on the form, show a popup with details, etc.
There are plenty of examples of caling the REST endpoint from JavaScript in the SDK (http://msdn.microsoft.com/en-us/library/gg309408.aspx). Good luck!
Matt's post above contains everything you need to know, but you might also find the blog post below useful. It basically describes the same scenario where you have a 1:n relationship (such as Case and Account) and details how you can pull information from a specified lookup (e.g. account), using the REST endpoint (as Matt has already mentioned) and display it on the form.
http://community.dynamics.com/product/crm/crmtechnical/b/crminthefield/archive/2011/02/07/showing-related-information-in-a-crm-2011-form.aspx
The blog post includes a link to download a CRM2011 solution already built to give you something to look at how they've achieved this (useful if you're new to CRM2011).
There are two ways to do this, and you may be best to do them both in parallel:
on the Account > Case relationship edit the Mappings. When a user goes to an Account and uses the left navigation to look at Cases (or a grid of Cases on the form) then hits "Add New Case" they are creating a Case from inside the "context" of the Account. You can copy any fields you want to from the Account to the Case record at this point - the Mappings define what field from the Account are copied to which target field on the Case. This will always be the most robust, easiest way to do it but relies on the user starting in the right place.
on the Case for you could also add an onChange script to the Parent Customer lookup to fetch the data from the parent record. I think Stephen's link is probably the best way to do this as it does not copy the fields but allows the user to see them anyway, which is better database design (from a purist standpoint) and means the user always sees current info about the Account rather than possibly out of date stuff. Alternatively if you actually need to copy some fields (maybe the customer's normal SLA say) so that you can use these in other such as scripts or workflows on the Case then have a look at this article: Disabling the selection of contacts for opportunities all the way
Although this is about a slightly different topic, the script there fetches the Account details of the parent Contact - you want to fetch values from a parent (llokup) field so the approach is the same, just different in the detail
There are various ways to do this but I would recommend doing it the supported way, without javascript. This may not be as pretty but it is likely much easier. The scenario would be to add a left navigation link to the case entity that when clicked will update the content area to show the details of the account.
To add a link to the left navigation you will need to configure the isv.config file to have an extra link for the case entity.
Here's an example:
http://support.sfusion.com/kb/hosted-microsoft-crm-4/how-do-i-modify-the-isv-config-file-in-microsoft-crm-4/
You can also lookup isv.config customizations in the SDK, found here:
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=82e632a7-faf9-41e0-8ec1-a2662aae9dfb&displaylang=en
Next you will need to create a custom aspx page in the ISV folder of the web server. This page will display all the information about the account that you want to show the user when the left navigation link is clicked. The ISV.config as an xml property that allows you to pass all the context params to your page on the querystring. Make sure when you create the link to turn on this attribute.
Now the only tricky part is that in the page you will need to use the CRM web service to display all the account details that you interested in showing the user. I won't do into details on this. You can find great tutorials on the web or in the SDK if you haven't done this before.

Resources