General need
customize the MFA widget using the new universal login flow
this is not equal to classic flow (where we have Auth0MFAWidget with a range of options as listed here)
Specific need (for the new universal login flow, not the classic universal login flow)
Is there a possibility to change the default country on the MFA-SMS enrollment prompt?
can we restrict the list of countries also?
below is the page that I am looking at, can be accessed here:
Note:
Asking these for the new universal login flow, not the classic universal login flow
I raised a support ticket (from a paid company account) and got a reply:
Is there a possibility to change the default country on the MFA-SMS enrollment prompt?
it is auto selected based on the ip of the user
Can we restrict the list of countries also?
not available
workaround is to use JavaScript on the universal-page-template which hides specific countries using the DOM
something like:
const allList = document.getElementsByTagName("ul")[0];
Object.keys(allList.children).map(ch => {
if (allList.children[ch].innerText.search('Japan') !== -1){
allList.children[ch].style.display = none;
}
});
Related
Can anyone provide me with working example how to show analytics (Visits, Page views, Page views per visit, etc) for logged users? As I understand there is no OOB solution, so I've tried to implement flexible dimensions, but didn't find any good examples and failed.
First of all you have to identify your logged in contact by calling the Sitecore.Analytics.Tracker.Current.Session.IdentifyAs() method, see more details here. When the contact logs in you can use their username to identify them upon the successful login.
Note, that the identification and authentication are separate unrelated events. Contacts are identified against the xDB and authenticated against the authentication mechanism used by the website.
When the contact identifies, it is saved to xConnect with a known identifier based on the information passed into theIdentifyAs() method: Identifier, Source and
IdentifierType will be set to ContactIdentifierType.Known (it is set to ContactIdentifierType.Anonymous for anonymous contacts). Then you can use IsKnown property on the Sitecore.XConnect.Contact that returns true if a contact has any known identifiers.
If you want to track some custom events for the logged in users to then use them for reporting needs you can add user interactions by calling the client.AddInteraction() extension method. I have given an example here.
If you want to extend the contact with your own custom data then you can create custom contact facets, read more here.
In order to implement your custom report with flexible filtering by logged in and not users, of course, you will need to define your custom dimensions and metrics, read more here.
Sorry if my English is weird.
I would like to know how a non-admin account can use the Admin SDK.
If you have any suggestions, please let me know.
I'm developing an add-on for an elementary school using Google app script.
I want to limit the API by student, teacher, grade, etc. So I need to get the organization information.
There were a few other similar questions, and apparently it would be impossible to try to do it normally.
When using the Admin SDK, Google will display an acceptance confirmation screen to the user.
Once the user agrees, Google gives the app an access token that is valid for a short period of time. I'm thinking that I can do this by using that access token. Is this approach dangerous from a security point of view?
I'm sorry for the lack of explanation.
I'm currently developing a google slides add-on for an elementary school.
It's supposed to display a SPA made with vuejs in the sidebar and let you manipulate it.
For example, we can manage a whitelist of organizations that can use this application in advance, and not allow organizations that do not match the whitelist to use it.
If the organization is managed by school unit, access control can be done by domain, but in some areas, the organization is managed by city, so access control by school unit cannot be realized...
Also.We want to do the following if we match the whitelist.
The functions that can be used by teachers and students are
different.
The buttons can be changed depending on the grade level of the
students.
Automatically enter student names and class names on slides.
Use an organizational structure to manage the school and students. (https://support.google.com/a/answer/4352075?ref_topic=4390186&hl=en)
We think we can achieve this by using the Admin SDK to get organization information
Answer
It is not possible to use Admin SDK with a non-admin account as Google says in the documentation: This API gives administrators of Google Workspace domains (including resellers) the ability to manage devices, groups, users, and other entities in their domains.
However there are two workarounds for your problem, but you would need to use an admin account to configure the scenario.
Initial approach
Get the user that is running the application with the class Session and the method getActiveUser and getEmail: var email = Session.getActiveUser().getEmail();
Get the organizational unit that each user belongs to. With this information you will be able to filter users and display different options in the add-on. The main problem is that you need to use AdminDirectory.Users.get(userEmail) to get the organizational unit, and it needs the following authorization scope: https://www.googleapis.com/auth/admin.directory.user.readonly.
Solution 1
Create a Spreadsheet with all the users that are going to use the add-on and its organizational unit
Use List all users to get all the users in a domain and write each email in the first column.
Use AdminDirectory.Users.get(email).orgUnitPath to get the organizational unit and write it in the next column
Finally, when users use the add-on, search the email of the active user (Session.getActiveUser().getEmail()) in the Spreadsheet, take the row number and get the value of the organizational unit that is in the second column.
Solution 2
Create a custom admin role and assign it to every user that is going to use the add-on. You must be signed in as a super administrator for this task. You can do it here and select Users -> Read,
Assign the new role to each user creating a role assignment
Finally, users will be able to use var organization = AdminDirectory.Users.get(email).orgUnitPath
I want to add some customization like a picker field and checkbox in the default sign-up form given by wso2is.
EXAMPLE: I have a list of organizations and when user signup he/she selects related organization from a list and the organization gets stored in the DB.
one more example can be: I can provide list of Countries and users will be able to select respective countries.
Attributes that you can see in the default self sign up page are the claims that have been configured as Supported by Default in the WSO2 claim dialect (http://wso2.org/claims).
So if the required attributes are already not there in the default self sign up page you can configure them as Supported by Default from the management console. Please refer the documentation for more details.
After that, if you want to have a drop-down for some attributes you have to customize the self sign up page. The relevant JSP page (self-registration-with-verification.jsp) can be found in the accountrecoveryendpoint web app which can be located at <IS-HOME>/repository/deployment/server/webapps folder. So you can do the customization there as for your requirement.
Also if you want to build a separate Self Sign-Up page using a preferable technology you can use the Self Sign-Up REST APIs as well.
I am new to Drupal 8.
I am setting up a simple site and do not want to allow users to contact each other. However, I do want to use forms such as Register for an event.
I have updated the user registration form by adding additional fields, such as first name, address, phone, etc.
/user/register displays the Contact Settings box:
"Allow other users to contact you via a personal contact form which keeps your email address hidden. Note that some privileged users such as site administrators are still able to contact you even if you choose to disable this feature."
with Personal contact form check box unchecked.
How can hide the display of the Contact settings box completely?
That form is added by the contact module. You can either
Disable that module on /admin/modules
Disable the contact output on /admin/config/people/accounts/form-display
Create some overrides (so you can disable it for specific roles or other logic)
Overrides
If you want to override the
default behaviour, you need to create a new module and implement a hook_form_alter() as follows:
/**
* Implements hook_form_alter().
*/
function yourmodulename_form_alter(&$form, \Drupal\Core\Form\FormStateInterface $form_state, $form_id)
{
if($form_id == 'user_form' || $form_id == 'user_register_form') {
// Do some checks (e.g. role, permission), and then:
unset($form['contact']);
}
}
The contact module adds the form via form_alter hook as well, so it could very well be that the order of hook execution messes things up (this was the case for me). You might have to implement hook_module_implements_alter() as well, as follows:
/**
* Implements hook_module_implements_alter().
*/
function yourmodulename_module_implements_alter(&$implementations, $hook)
{
if($hook == 'form_alter') {
$group = $implementations['yourmodulename'];
unset($implementations['yourmodulename']);
$implementations['yourmodulename'] = $group;
}
}
The simplest approach for me to disabling the personal contact form was:
Following the instructions to set personal contact form off by default (from Drupal contact module documentation)
Navigate to the Account Settings page (Administration > Configuration > People > Accounts or http://example.com/admin/config/people/accounts)
In the Contact settings section specify whether the contact form is enabled for users by default.
Click "Save configuration."
Go to /admin/config/people/accounts/form-display (as instructed by Marcus above)
Move "Contact settings" to disabled.
Click save
So now the personal contact form is off by default for all future users and they don't have the ability to turn it on. Note that this does not change things for existing users on the site.
When a user joins a group, they are presented with options for linking their profile as well as choosing their email notification style on a screen like this:
Is it possible to set these values, in particular the email notification choices, via API?
I've found the API to add a member to a group (https://developers.google.com/apis-explorer/#p/admin/directory_v1/directory.members.insert), but not to set these meta-values pertaining to that membership.
Sorry, there is no way to set a user's mail delivery preferences via the current APIs.
So while you can't get the mail preferences for each individual user, you can get some settings associated with the group. By using the Groups Settings API as per https://developers.google.com/admin-sdk/groups-settings/manage, you should be able to return a number of parameters which list the settings of said group.
Hope this helps,