I am writing some integration tests at the moment for my website, I have noticed that I have been creating accounts without deleting them.
I have just been deauthing them with
try {
info('deauthing: ' .$accountID);
OAuth::deauthorize([
'stripe_user_id' => $accountID,
]);
} catch (\Stripe\Error\OAuth\OAuthBase $e) {
exit("Error: " . $e->getMessage());
}
when i try to reuse an email address for a testing account, it tells me that account already exists. But I can't see it anywhere in my dashboard.
I have tried to delete the account at the end of my test run but I get this error
Stripe\Error\Permission : This application is not authorized to delete this account.
the code i am using is this
public function deleteAccount($accountID)
{
$account = \Stripe\Account::retrieve($accountID);
$account->delete();
}
what am I missing?
There is no way to delete a Standard account via the API. As the platform you can create one, but it is then owned by a separate user and you can not control its deletion for security reasons. De-authorizing the account is the closest thing you can do in this situation.
If you're doing this for unit tests, you might want to create Custom accounts instead to avoid the address conflict. Otherwise, use a random suffix like my+12345#email.com
Related
EDIT: rest-server gives the option "Specify if you want the generated REST API to be secured: (y/N)", is this to enforce the acl?
I've been trying to setup a simple test using hyperledger-composer node js client. In my config I have the following:
"connection-info" : {
"participantId" : "gk1",
"participantPwd" :"CjysyeLjriRT",
"businessNetworkIdentifier" : "myBizNetwork",
"connectionProfile" : "defaultProfile"}
In my business network definition I have the following:
rule Default {
description: "DENY all participants access to all resources"
participant: "ANY"
operation: ALL
resource: "net.name.myBizNetwork"
action: DENY }
When I call the following code in node js app, I can still see the resources:
this.bizNetworkConnection.getAssetRegistry('net.name.myBizNetwork.TestAsset');
}).then((registry) => {
return registry.find('testAssetId = ' + id);
Obviously I'd like to do more scenarios with access control, but in my understanding this should work.
A good first point of call is to try out your model, acl, and script files in the online playground here https://composer-playground.mybluemix.net/
Note - you are an admin by default, to simulate being a participant you can do so by:
Clicking 'admin' in the top right of the playground
'+ Issue New ID'
Supply a User ID (whatever you like) and participant (will be one you created earlier) and then press 'Create New'
Select Option 2: '+ Add to my Wallet' (This will allow you to then use the identity and you will 'be' that participant
From looking at your code, the resource you deny is "net.name.myBizNetwork".
Following the documentation here https://hyperledger.github.io/composer/reference/acl_language.html I think that to deny access to the resources within your network you will need to add a '*' wildcard (see the Examples section in the link). If that doesn't work it may have something to do with identities.
Another note, from my understanding, you need to secure the API if you want to use identities. However, you also need to create/bind identities to existing participants, and then use those identities to 'be' that participant. See the article here https://hyperledger.github.io/composer/managing/identity-issue.html
By default, you are a Null participant (you can see what participant you currently 'are' by pinging the network)
I have tried to figure out how to set a rule in Parse.com so that only registered users can create a database in a particular class. I'm not talking about editing, but to create. I tried this with Pointer <_User> and deactivated the function created to Public, but even so it was not possible.
Image to the CLPs edited
You want to negate that Parse.User.current() check:
Parse.Cloud.beforeSave("Perfil", function(request, response) {
if (!Parse.User.current()) {
response.error("Just registered users");
} else {
response.success();
}
});
You can add a Parse.Cloud.beforeSave handler in cloud code which can verify the logged in user permissions before allowing the save.
I got questions about Android 6 (Marshmallow) runtime permission. If user wants to pick a photo from gallery, should we ask for READ_EXTERNAL_STORAGE permission?
Seems like I could access the gallery even though I turn off the Storage permission.
You need to ask for READ_EXTERNAL_STORAGE. You will be able to access the gallery without it, but if you want to do anything with the media you get from the gallery you will need the READ permission.
A quick test on what happens in onActivityResult after an image has been picked form the gallery:
Permission Denial: reading com.android.providers.media.MediaProvider
uri content://media/external/images/media from pid=8405, uid=10177
requires android.permission.READ_EXTERNAL_STORAGE, or
grantUriPermission()
For custom permission,you may use runtime permission if you are using Android 6.0 or above.This code may help you .
If your app doesn't already have the permission it needs, the app must
call one of the requestPermissions() methods to request the
appropriate permissions. Your app passes the permissions it wants, and
also an integer request code that you specify to identify this
permission request. This method functions asynchronously: it returns
right away, and after the user responds to the dialog box, the system
calls the app's callback method with the results, passing the same
request code that the app passed to requestPermissions().
// Here, thisActivity is the current activity
if (ContextCompat.checkSelfPermission(thisActivity,
Manifest.permission.READ_CONTACTS)
!= PackageManager.PERMISSION_GRANTED) {
// Should we show an explanation?
if (ActivityCompat.shouldShowRequestPermissionRationale(thisActivity,
Manifest.permission.READ_CONTACTS)) {
// Show an explanation to the user *asynchronously* -- don't block
// this thread waiting for the user's response! After the user
// sees the explanation, try again to request the permission.
} else {
// No explanation needed, we can request the permission.
ActivityCompat.requestPermissions(thisActivity,
new String[]{Manifest.permission.READ_CONTACTS},
MY_PERMISSIONS_REQUEST_READ_CONTACTS);
// MY_PERMISSIONS_REQUEST_READ_CONTACTS is an
// app-defined int constant. The callback method gets the
// result of the request.
}
}
To Know more about runtime permission
https://developer.android.com/training/permissions/requesting.html
i've gscript inside a spreadsheet, if i add and run a function calling this code :
var conn = Jdbc.getConnection('jdbc:mysql://sql4.freesqldatabase.com:3306/sql427377', 'sql427377', 'my_pass');
it works !
But if i copy/paste the same code in a google app script :
function doGet() {
return HtmlService.createTemplateFromFile('index').evaluate();
}
function getSql(){
var conn = Jdbc.getConnection('jdbc:mysql://sql4.freesqldatabase.com:3306/sql427377', 'sql427377', 'my_pass');
}
even if i don't call the function, i've just paste the code, i ve got this message on execution of my script :
"Vous devez disposer des autorisations requises pour pouvoir effectuer cette action."
"You must have the required permissions to perform this action."
I don't understand why... need help ;)
Permissions in a script project are asked for every service present in this project. Wether you actually call a function using this service or not is not important.
For example, if I have an onOpen() function in a script and another function that sends emails, I will be asked permission for mailApp service even if I simply try to run onOpen().
If your spreadsheet does not ask anything about Jdbc, it means that the project was already authorized for this service (and you probably forgot it) and the behavior you describe in your other project (the doGet one , but it would be the same in any other project) is normal.
If you want to check this, simply add a call to another Google service in a dummy function and try to execute another function that used to work without warning... You'll get the authorization request as expected.
There are questions about getting the profile image from Twitter, Facebook or Google, but it would be nice if there were a simple and extensible wrapper that returned the profile image regardless of the current user's account service.
I think you would want to set the users profile picture yourself. Because the services do not have a standard way to store profile picture. And the meteor oauth has no required code for each service class to implement.
You could set it on account creation. This would require writing code for each service.
Accounts.onCreateUser(function (options, user) {
if (user.services.google !== undefined) {
user.profile.profile_picture = user.services.google.picture;
}
if (user.services.twitter !== undefined) {
user.twitter.profile_picture = user.services.twitter.profile_url; // sudo param name
}
return user;
})
or on publish.
In the meantime there is an Atmosphere package that returns the user profile picture and works for a lot of auth services:
bengott:avatar
Instead of bengott:avatar (which is now deprecated), use the utilities:avatar package instead
You might also want to look at the accounts-meld package.