Custom Access check for module route

I’m working on module that should behave as API endpoint.

I created Controller which handler POST & GET requests from external system, but I need to add user authentication so only authenticated user can acccess these endpoints.

My mymodule.routing.yml:

mymodule.show_content:   path: 'api/getContent'   defaults:     _controller: '\Drupal\mymodule\Controller\ContentController::getContent'     _format: hal_json   requirements:     _method: 'POST'     _custom_access_check: 'TRUE' 

My mymodule/src/Access/CustomAccessCheck.php:

class CustomAccessCheck implements AccessInterface {     public function access(AccountInterface $  account)     {         return ($  account->hasPermission('access content')) ? AccessResult::allowed() : AccessResult::forbidden();     } } 

My mymodule.services.yml:

  mymodule.custom_access_check:     class: Drupal\mymodule\Access\CustomAccessCheck     arguments: ['@current_user']     tags:       - { name: access_check, applies_to: _custom_access_check } 

I created a user called REST with REST role. I gave him ‘access content’ permission and tried to make request with Postman using POST method and following headers:

{     Content-Type: application/hal+json,     Authorization: Basic <base64_encoded user:pass>     X-CSRF-Token: token obtained from <page_url>/rest/session/token } 

When I make request with admin user, I see in recent logs, that admin access the route /api/getContent but access was denied. When I use my REST user it logs as anonymous user. Even when I log the status of authentication inside CustomAccessCheck::access function I see that user is authenticated with TRUE

I need to keep this authentication separated (out of controller, in service or something) because I need to authenticate every request (re-use auth) so only internal users can use API (and not everyone with URL). I don’t understand what is missing and why only my admin user is recognized by drupal and the REST user not.

Magento variable for access token

currently I have hardcoded my API token in my controller, Need to make it configurable so that it can be configured when the code is deployed in production.

So how can I store it on Magento variable from Magento cloud environment?

I see the variables section in configure environment in https://us-3.magento.cloud

If I set my customer variable there, then how can I access it in my controller file.

And what’s with so many variables types in Magento and which should i use.

https://devdocs.magento.com/guides/v2.3/cloud/env/variables-intro.html

Access violation crash in Json.Net Newtonsoft

I have a Windows Service using Json.Net version 11.00.2.21924. I had an incident of the service crashing. Looking at the mini-dump created by Windows7 it occurred in method PrepareBufferForReadData(): Newtonsoft.Json.dll!Newtonsoft.Json.JsonTextReader.PrepareBufferForReadData(bool append, int charsRequired)

This was during DeserializeObject() where the object includes a string property.

Can anyone explain what could be the problem?

Thanks

enter image description here

.NET SharePoint Web Service – 401 Unauthorized – Grant Access to Web Service User?

I’m trying to connect to a SharePoint list via a C# console application either using a functional ID or with the default credentials.

Option 1:

SpService.Credentials = CredentialCache.DefaultCredentials; 

Option 2:

SpService.Credentials = new NetworkCredential(user, pw, domain); 

If I use Option 1, the program runs successfully on my local computer but throws a 401 – Unauthorized exception when ran on the server. If I use Option 2, it throws the same exception both locally and on the server on the GetListItems() method. If I don’t set the Credentials property at all, it also throws an exception in both places.

SpService.GetListItems(listName, null, query, viewFields, null, queryOptions, null); 

I’ve tried to grant permissions to the functional ID in SharePoint, but the Add Permissions dialog cannot find the user.

Is there a way to access data in key, data tuple in Happybase Table.Scan()

I’m using happybase to scan a database I created in Hbase, but I’m not sure how to further slice the data without just moving it all into a completely different data structure. This is an example of a row in the database:

('row1', {'professional:xp': '100', 'personal:power': 'fly',        'personal:hero': 'yes', 'custom:color': 'black', 'professional:name': 'batman'}) 

So far, I’ve tried to use the Table.Scan() function, but it’s only good for returning the key-value pair. So I can do:

for key, data in table.scan():     print data 

which would give me back the data piece for each row:

{'professional:xp': '100', 'personal:power': 'fly',        'personal:hero': 'yes', 'custom:color': 'black', 'professional:name': 'batman'} 

I really wanted to do something like this:

for row in table.scan():     print row[b'custom:color'] 

to give me back

black 

but this doesn’t work within scan().

I’d like to get just one of the items in the structure returned:

black 

How can I use the scan() function to do this, or is this outside the scope of this function and should I look for an alternate method?

How to configure Apache/Varnish with http and https access (mixed content error)?

I have Drupal 7 installed on Ubuntu server with apache2 and varnish. I was asked to provide both http and https access to the site.

To utilize Varnish I setup apache reverse proxy to redirect all https traffic to varnish(http). Now I can access my site via http/https protocols fine.

However, when I load any https page with images in it, all images are served via http, thus making browsers issue a warning about mixed content. I would like to suppress that.

To suppress that, I changed $ base_url to https:// in site/default/settings.conf and that worked fine for all https pages.

However, I experienced the same mixed content error while loading normal http pages (images were served via https this time.) Then, I created an if statement trying to differentiate between http and https and assigning different $ base_url values accordingly.

I have tried using $ _SERVER[''] array variables as well as $ is_https, and nothing seems to be working.

I also used $ GLOBALS[''] variable to make sure variables are defined. I would clear the Drupal cache as well as browsers before each testing. However, when I access https version of a site, all is rendered ok and everuthing is fine. But when I access http, all images are served with https. I would clear cache again, and try accessing http first, and everything would be fine. But when I access https after that, images would be served with http. So, the logic within settings.conf is fine, but possibly caching makes browsers/Drupal to serve images with the protocol they were first accessed (be it http OR https).

My question: is there a way to assign $ base_url dynamically based on the protocol used?

Some of the settings I have tried:

----------------------------------- if (isset($  _SERVER['HTTP_X_FORWARDED_PROTO']) && $  _SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {         $  _SERVER['HTTPS']='on';         $  base_url = 'https://';         } else {          $  _SERVER['HTTPS']='';          $  base_url = 'http://'; }  ------------------------------------- #if (isset($  GLOBALS['$  is_https'])) { #       $  _SERVER['HTTPS']='on'; #       $  base_url = 'https://example'; #       } #else { #        $  _SERVER['HTTPS']=''; #        $  base_url = 'http://example'; #} --------------------------------------- $  base_url = '//example' --------------------------------------- $  base_url = ''; --------------------------------------- 

Access Subsite list from root site using sharepoint hosted app

I’ve a SharePoint Hosted App and its deployed to Root site. Using that App, I need to read items of specific list from all sub sites of that root site. My current Code:

var hostsuburl = "Subsite URL goes here";     var context = new SP.ClientContext(hostsuburl);     var oList = context.get_web().get_lists().getByTitle("ResourceDetails");     var camlQuery = new SP.CamlQuery();     camlQuery.set_viewXml("<View><Query><Where><Eq><FieldRef Name='monthnumber'/><Value Type='Text'>" + CurrentMonth + "</Value></Eq></Where></Query></View>");     this.collListItem = oList.getItems(camlQuery);     context.load(collListItem, 'Include(ActualHours,AvailableHours,CostPerHour)');     context.executeQueryAsync(function onQuerySucceeded(sender, args) {     alert('Inside OnQuery succeeded');     }  , function onQueryFailed(sender, args) {       alert('Error onQuery Failed');   }); 

But I can’t get into either onQuerySucceeded function & onQueryFailed function. Any help would be appreciated.

EDIT: I can get into subsite, but I can’t read list items, My code:

context = new SP.ClientContext(appweburl); factory = new SP.ProxyWebRequestExecutorFactory(appweburl); context.set_webRequestExecutorFactory(factory); appContextSite = new SP.AppContextSite(context, hostsuburl); this.web = appContextSite.get_web(); var olist = this.web.get_lists().getByTitle('ResourceDetails'); var camlQuery = new SP.CamlQuery();  camlQuery.set_viewXml("some query goes here"); this.oListCollitems = oList.getItems(camlQuery); context.load(oListCollitems, 'Include(ActualHours,AvailableHours,CostPerHour)'); context.ExecuteQueryAsync(Function.createDelegate(this, successHandler1), Function.createDelegate(this, errorHandler1));  function successHandler1() {         alert('Inside Successhandler1');      } function errorHandler1() {      alert('Inside Error Handler1');      } 

I’m still not get into either successhandler1() or errorhandler1() How to load list items and Enumerate to get all list items? Pls correct me, if i’m using wrong method.

what does “Memory access to address 00000030 looks like unallocated stack space.” warning mean? [on hold]

/nios 2 assembly language/

ADDR_SSEGNUMS: .word 0x4F5B063F, 0x077D6D66, 0x6F7F Arr: .hword 0x00000006 .hword 0x0000005B .hword 0x0000004F .hword 0x00000066 .hword 0x0000006D .hword 0x0000007D .hword 0x00000007 .hword 0x0000007F .hword 0x00000067

.global _start _start: /* initialize base addresses of parallel ports / movia r18, 0x10000000 / red LED base address / movia r19, 0x10000010 / green LED base address / movia r20, 0x10000020 / HEX3_HEX0 base address / movia r21, 0x10000030 / HEX4_HEX7 base address / movia r22, 0x10000050 / pushbutton KEY base address / movia r23, 0x10002000 / interval timer (onboard 50 MHz clock) base address */ movia r17, ADDR_SSEGNUMS movui r10, 10 movia r24, Arr movi r25, 9 movi r26, 0

/* load timer countdown value / movui r3, 0x02af / upper 16-bits of 500000 countdown value / sthio r3, 12(r23) / write to timer start value (high) register / movui r3, 0xf080 / lower 16-bits of 500000 countdown value / sthio r3, 8(r23) / write to timer start value (low) register */ movi r8, 0x4

/* start and continue timer countdown with no interrupts / movui r3, 0x6 / load timer control value / sthio r3, 4(r23) / write to timer control register */

PRESS_A_KEY_TO_START: /* press a pushbutton to start counter / ldwio r2, 0(r22) / load input from pushbuttons / stwio r2, 0(r19) / write to green LEDs */ ble r2, r8, PRESS_A_KEY_TO_START

/* monitor timeout signal to identify when the timer countdown ends (reach 0) / WAIT_FOR_TO_SIGNAL: ldhio r3, 0(r23) / load status register / andi r3, r3, 1 / load timeout (TO) bit / beq r3, r0, WAIT_FOR_TO_SIGNAL / wait until timer timeout (TO is set to 1) */

add r4, r4, r3 /* count number of timeouts */ divu r5, r4, r10 mul r5, r5, r10 sub r5, r4, r5 stwio r5, 0(r18) ble r5,r10, loop1

loop1: bge r26,r25,_start /* compare the size of the array with the counter / ldb r7,0(r24) / load the least significant bit / addi r24,r24,2 / increment / addi r26,r26,1
display: add r27, r7, r0
add r9, r7, r0 stwio r27, 0(r20) /
display the contents of r8 in the first four segment*/
loop3:
movia r29, 1000000
DELAY: subi r29, r29, 4
bne r29, r0, DELAY /* shift the values of the register by 8 bits*/ stwio r27,0(r20)

        bne r29, r0, loop3          /* if register values are not equal go to loop3*/           

stwio r28, 0(r20) /* display count of timeouts on LEDR / stwio r0, 0(r23) / reset TO bit in status register */ br WAIT_FOR_TO_SIGNAL

How to restrict access to documents in a folder so they can only edited and viewed by the user who uploads the file?

I have a file structure with a parent folder, two sub-folders, and multiple PPT documents in each sub-folder. The documents need to be able to move between the two sub-folders, but the tricky part is restricting access to who can view and edit these documents.

I need to set the permissions for these folders so that only the user who uploads the document is able to view/download/edit their document that they uploaded, but is unable to do the same for the other documents in the folder. It is not an issue for users to be able to see that there are other files in these sub-folders, I just cannot have them downloading and viewing the other files in the folder.

Is there a way to set up these permissions in SharePoint? Or maybe to create a list that users can upload a PPT file to instead (if that’s possible) in order to limit the access to each of the documents?

My manual fix to this issue is to go document by document and give edit access to only the document that the user uploads and give no access to that same user to the other documents in the folder. The issue with this approach is

  1. It is incredibly manual and with the volume of files existing already this is untenable
  2. I believe that permissions would reset if the file is moved from one sub-folder to the other, in which case I (as the admin) would have to go back in and re-grant permissions each time a file was moved.

Any ideas on what I can do to address this issue would be greatly appreciated! Thank you in advance!