Is there any way to get live query's connected user's information in the parse server? I want to receive user details and do some operation when he gets connected/disconnected via LiveQuery on the server-side.
I have already looked into the onLiveQueryEvent in Parse Cloud Code but it only gives the subscribed and connected user's count - not the actual user object.
This has been added in Parse-Server 3.8.0
https://github.com/parse-community/parse-server/pull/5927
You can get the sessionToken of the user.
Related
I need to know the time that it take to a user to response an email recived from a group. To do this I want to use google api, to download all the data I need and then compare it with SQL. When I'm traying to use the api users.messeges.get() for my user, the api return me the data, but when I tried to recover other user data, i have this error:
Delegation denied for user#domain.com
I understand this error it's because I do not have enough permits, but if I use GAM ADV with my user I can download all the data I need. The SCOPE I'm actually using is:
https://www.googleapis.com/auth/gmail.metadata
Any advice for me? I'm stack
I have an app in NodeJS which calls the outlook api and reads a user's mails. I'm connecting this to a MySQL db where I'm storing specific email replies.The app is working perfectly.
My problem is that I have to sign-in every hour to refresh the access token.
I need a way of calling the outlook api, returning the emails, store them in a db, and then expose them through an API. And I wanna automate this outlook api call through a cron job.
Does anyone have any ideas on how I can accomplish this?
What I believe you are looking for is App-only access a.k.a access without a user. More on this below.
https://developer.microsoft.com/en-us/graph/docs/concepts/auth_v2_service
In addition, you get a refresh token along with the user consented access token. You can then refresh the access token periodically using the refresh token. More on this below:
https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-code#refresh-the-access-token
Is it possible to disable requests sent to Parse without a master key? I'd like to only access Parse through my custom backend and not give users direct access. Does public 'read' set on the User class mean that anyone can read the records in that class? If so, why is this a default - wouldn't that be against good security practices?
Thanks,
Daniel
Public read means that anyone with your api key can read the user collection from your parse server. Api key is not the best approach to protect your app because anybody can know it by putting "sniffing" your network requests.
In order to protect and provide access you can protect your objects with ACL's which allows you to create access for specific user (who is logged in) or to specific role. So you have couple of options:
Create a master user - each user must have username and password and when you create your parse objects make sure that only this specific user create/read/delete and update them. You must only to make sure that when you create an object you create ACL for this user so only this user will be able to modify and read the object. You can read more about parse-server security and ACL's in here: http://docs.parseplatform.org/rest/guide/#security
Using parse cloud code - In cloud code there is a nice feature of useMasterKey which provide full access to any object of parse-server so for each operation that you run (via JS SDK) you can also set the useMasterKey to true and then parse-server will ignore all the ACL's and will execute the query for you. The useMasterKey feature work only in cloud code context so it's safe. If you want to provide additional level of security you can run the cloud code function with your master user (from section 1) and check inside the cloud code for the user session so if the session is empty then you can return an error.
You can read more about cloud code in here: http://docs.parseplatform.org/cloudcode/guide/
This is the code which validate the user session:
if (!request.user || !request.user.get("sessionToken")) {
response.error("only logged in users are allowed to use this service");
return;
}
I have a multi tenant FreeSWITCH setup and I am trying to retrieve the registrations belonging to a particular tenant.
I am aware of the mod command show registrations described here which returns all the current registrations on the FreeSWITCH.
I am also aware of sofia status profile <profile name> reg described here which shows registrations on a particular profile. This won't help either as the profiles on my FreeSWITCH are shared by multiple tenants.
Is there a way I can retrieve the data through event socket for a specified tenant?
you can execute show registrations via ESL and retrieve its output. The second field is realm, which is basically the name of the tenant. So, you would get all the registrations, and later you can filter by realm name. Also in theory, you can get direct access to the registation SQL database and run the queries directly in it.
I have done something similar to this.
first get all the registration of profile using following command:
"api sofia status profile internal reg" using event socket
after this based on your need convert data into json and search based on realm and print the result.
Please refer sofia_presence_data list|status|rpid|user_agent [profile/]<user>#domain cmd.
Even if this doesn't work. You need to get register and unregister events from ESL and save it to common DB and retrieve the user data, which i think a much simpler way.
I have a script which is retrieving user info for a set of users in our account. First we're calling socialize.exportUsers to get all UIDs, then I'd like to retrieve user info for a subset of this. Currently I'm calling socialize.getUserInfo on each UID I want to retrieve, which is quite slow.
I'm wondering if there's a way to batch API calls together so I can retrieve user info for multiple UIDs with one call. I didn't find anything in their API documentation or Developer's Guide.
Thanks,
Scott
Unfortunately, Gigya does not currently not have API functionality that would allow you to retrieve user information back as a batch.
However, if you have an active contract with Gigya, then you should be able to contact Gigya support directly and request a user export. Gigya has an internal data migration process where they can extract all the users on an API key into a JSON file and then send you that file.