Unable to determine if iCloud is enabled on my device - icloud

This is my code:
- (IBAction)aBackupSetup:(UIButton *)sender {
// check to see if this device is iCloud enabled; display message if not
NSURL *ubiq = [[NSFileManager defaultManager] URLForUbiquityContainerIdentifier:nil];
if (ubiq) {
NSLog(#"AppDelegate: iCloud access!");
} else {
NSLog(#"AppDelegate: No iCloud access (either you are using simulator or, if you are on your phone, you should check settings");
}
I'm trying to determine if iCloud is enabled on the device (iPad). When I run this code by tapping on a UIButton in my app, it logs "No iCloud access...". I have seen this code all over SO and the internet - why is it not working on my device? (iCloud IS enabled on the iPad).

Reasons why you'd always get a nil result here:
iCloud is not actually enabled (though you say it was, so that's not it this time)
iCloud is enabled on the device but "Documents & Data" is not. "iCloud" covers a lot of services, so just being enabled in general isn't enough. Without Documents & Data, apps can't save data in iCloud.
Your provisioning profile either doesn't include iCloud or is broken in such a way that it prevents iCloud from working. Provisioning profile requirements include:
You must enable iCloud for the app ID in the "Certificates, Identifiers & Profiles" section of the iOS dev center.
The app ID can't include a wildcard (*), it has to be a complete ID.
Your app ID in Xcode must match the one from the previous step exactly.
You must generate a provisioning profile after doing the above so that you have a profile that reflects the iCloud entitlement. If you had an old provisioning profile for this app that didn't include iCloud, you must delete it and replace it with a new one.
If you get any of these steps wrong, checking the URL will simply return nil. There's no error condition, but since iCloud access is not enabled there's no URL either.
For iOS 6 and up you're better off checking for iCloud availability using
id ubiquityToken = [[NSFileManager defaultManager] ubiquityIdentityToken];
That's a lot faster. Looking up the URL can involve network connections, but this method returns immediately. You'll still need the URL to read/write data in iCloud, but if you just want to check availability, use this method.

Related

Google Admin API: Directory - Unable to to clear Recovery Email or Recovery Phone Number

I'm working on a project to automate the steps in the Google Article Maintain data security after an employee leaves and have encountered trouble with automating the step Revoke Recovery Password Access. I'm following the documentation on the Google API Explorer for Updating Users and am performing an API request to the endpoint PUT https://admin.googleapis.com/admin/directory/v1/users/{userKey} with the following JSON as the body:
{
"recoveryEmail": null,
"recoveryPhone": null
}
I receive a 200 response code with no error but email and phone number remains.
If I try some dummy data (such as below) then the information updates fine:
{
"recoveryEmail": "joe#bloggs.com",
"recoveryPhone": "+1234567890"
}
I also tried:
{
"recoveryEmail": "",
"recoveryPhone": ""
}
Ideally I would like to clear the data rather than overwriting it with dummy values.
If you have a Google Workspace account, I think the problem may be related to propagation. I have tested it myself before, using the following, and it worked:
{
"recoveryEmail": "",
"recoveryPhone": ""
}
This Help Center article mentions that the changes on users can take some time to appear https://support.google.com/a/answer/7514107
I have just tested it again and it worked. I would suggest checking the user information in an incognito or private browser window, or wait up to 24-48 hours due to propagation time.

Amazon QuickSight embedded dashboard - how to cache user session in my webapp (billing and timing concern)

I have embedded Amazon QuickSight dashboard in my web application by using amazon-quicksight-embedding-sdk (followed https://learnquicksight.workshop.aws/en/dashboard-embedding.html).
The user session seems to last many hours as mentioned in https://docs.aws.amazon.com/quicksight/latest/APIReference/API_GetDashboardEmbedUrl.html
When I requested the embed URL directly from my web browser, I could see that it was valid for many hours.
But my web app will request a new embed URL when user restarts it (by closing/reopening tab/browser). Does that mean a new user session was created and billed.
Is it possible to store the embed URL and to reuse it (as long as the user session lasts) for the case the same user closes the tab/browser and open the web app and the dashboard again (of course in the same browser)?
I tried to store the embedURL as a cookies named "embed_url". But calling amazon-quicksight-embedding-sdk.embedDashboard({url: embed_url}) resulted in
"Embedding failed because of invalid URL or authorization code. Both
of these must be valid and the authorization code must not be expired
for embedding to work."
I was sure the embed_url was still valid because requesting it by the browser directly worked.
Which "authorization code" is mentioned in the above error message? What did I miss or is it actually not possible?
Beside the billing concern, I've noticed that the call to get the embedURL took time (more than 5 seconds, eu-central-1) while the embedding took less (3 seconds). I thought I could improve the dashboard loading time by reusing the gotten embedURL. Any comments about the timing? Is it normal or did I do something wrong so that it was so slow? My test dashboard has only 1 diagram with unchanged dataset.
As per the Quicksight Pricing Page, if you're creating an embedded dashboard for a Quicksight "Reader", then you're paying $0.30/session per 30-minute logged-in-session for this Reader.
The validity of the session can be set in the SessionLifetimeInMinutes parameter of the GetDashboardEmbedUrl API, and has an upper bound of 600 minutes (10 hours).
As an example, suppose you set SessionLifetimeInMinutes to 600 mins for your Reader user. Also suppose that this user stayed logged in and uses the dashboard for 10 hours continuously, then that would equate to 20 sessions of usage (since the billing is in increments of 30-min chunks). At first glance it would seem that this would cause $0.30/session * 20 session-chunks = $6 to be billed.
However, as per the pricing page, there is an upper bound of $5.00 per month for every Reader. Which means that this Reader can never exceed $5 per month regardless of how many Quicksight sessions (of whatever duration) are created for them. So no matter how many times you call the GetDashboardEmbedUrl API for a given Reader, you're capped to $5/month for this user.
Also of use as to what constitutes a Reader session (from the pricing page):
When does a Reader Session start and end?
A Reader Session starts with user-initiated action (e.g., login, dashboard load, page refresh, drill-down or filtering) and runs for next 30-minutes.
Keeping Amazon QuickSight open in a background browser window/tab does not result in active sessions until the Reader initiates action on page.
But my web app will request a new embed URL when user restarts it (by closing/reopening tab/browser). Does that mean a new user session was created and billed.
I'm not 100% sure about this, but yes I believe a refresh (or open/close) of the tab results in a new session for the same user.
A Reader Session starts with user-initiated action (e.g., login, dashboard load, page refresh, drill-down or filtering) and runs for next 30-minutes.
The above excerpt is from the pricing page. So it does seem that page refresh (and thus another call to GetDashboardEmbedUrl) will trigger a new session for the user.
Which "authorization code" is mentioned in the above error message?
The GetEmbedDashboardUrl API response is a JSON object that looks like this:
{
"Status": 200,
"EmbedUrl": "https://us-east-1.quicksight.aws.amazon.com/embed/f4147cd0d4d_BLAH_BLAH_...",
"RequestId": "c15a7bad-629e-444a-b643-ff3142c9ae41"
}
If you look closer at the EmbedUrl, apart from the dashboard url itself, there are also these query-string parameters:
isauthcode
code
identityprovider
statePersistenceEnabled
potentially: other params too
The code parameter (embedded within the embedUrl) is the "authorization code" that you asked about.
Is it possible to store the embed URL and to reuse it (as long as the user session lasts) for the case the same user closes the tab/browser and open the web app and the dashboard again (of course in the same browser)?
No, that can't be done. As it says in the link you shared:
The following rules apply to the combination of URL and authorization code:
- They must be used together.
- They can be used one time only.
- They are valid for 5 minutes after you run this command.
So the embedURL and its associated auth code can only be used once together. Makes sense since this will prevent MITM replay attacks among other scenarios. Also I actually tried to cache the response and then re-use the embedUrl in case of a cache-hit, since this would improve the end-user experience. But this didn't work - a "replay" of the embedUrl is blocked by QuickSight, as mentioned in their doc.
Any comments about the timing?
This has been our experience also. The GetDashboardEmbedUrl REST API takes around 5-7 seconds (us-east-1) for our app and then the actual embedding takes another 3-5 seconds. Not great, but I don't see a way around this poor user experience as of now.

PBI services Odbc.DataSource dynamic dsn name

In PBI desktop file no errors, erro appear only in PBI service on refreshing
ERROR:
Query contains unsupported function. Function name:Odbc.DataSource
Parameter1
Mydsn ' as parameter
used as text - not dynamic
= Odbc.DataSource("dsn=Mydsn", [HierarchicalNavigation=true]) ' no error
as used us text Parameter - not dynamic
= Odbc.DataSource("dsn=" & Parameter1, [HierarchicalNavigation=true]) ' no error,
Odbc_dsn ' Query
= settings[Column2]{0} ' from csv
from csv query
= Odbc.DataSource("dsn=" & Odbc_dsn, [HierarchicalNavigation=true]) ' Query contains unsupported function. Function name: Odbc.DataSource
directly from csv table
= Odbc.DataSource("dsn=" & settings[Column2]{0}, [HierarchicalNavigation=true]) ' Query contains unsupported function. Function name: Odbc.DataSource
No one of Privacy settings is not change anything, tryied all
available ways. (change to none, private, organizational, public,
disabling privacy settings and etc)
How to use odbs source DSN name from csv file?
(Answer to be expanded with additional info provided - see comments on original question)
While I have never imported a DSN name through a CSV, your saying that it works on your local machine makes me accept that this is at least possible so we'll instead focus on issues with the gateway.
My first impression here as to why this might not be working is simply permissions and visibility.
Having worked with a number of PowerBI Service setups, the issue with an unrecognized ODBC DSN usually falls into the following issues:
Is the DSN setup as a system DSN?
Is the gateway setup as a LocalService Account vs PowerBI Gateway Host Account?
Does which user the gateway is setup under actually have permissions to the directory that the data source (or custom connector) that the connection depends on?
So:
Fairly straight forward: all gateway accessible ODBC sources need to be setup on the gateway host as system DSNs, not user DSNs. See your ODBC Data Source Administrator here:
Confirm the On-Premise Gateway "Logon" User on the gateway's host machine? Generally I recommend going to Windows Services and making sure to use the "Local System account" (to inherit permissions) but just consider this during the next step of checking local permissions.
This applies to anything which is "self-hosted" on the local machine that is the gateway host: Whichever account is hosting the powerbi gateway service must also be given explicit permissions to the local resources needed. For example, if you add a custom connector to the documents directory on the gateway host under your user account - make sure the PowerBI default user has access to that directory and file. I.E. File properties -> Security -> User permission etc.
In my experience, 9/10 times one of these things isn't setup right.
Additional note - every time you upgrade or re-install a powerbi gateway host, you will have to change the service login account and double check all permissions. I don't know why but it overwrites that setting by default disabling all refresh until restored.
Edit:
After further thinking, I believe you will eventually run into the roadblock regardless - PowerBI Service's Gateway Data Source mappings are 1-1. After upload you will get this screen in the dataset settings:
Which requires that the data source has been defined in the PowerBI service's settings:
I don't believe that it is currently possible to make that definition a variably composed string per user's request.
Dsn name can be only static and only string

AppsFlyer: Is there way to find if user reinstalls the app

I am trying to find if the users current app install if the first or if its a reinstall. Is there any way to determine this using iOS SDK?
You can make use of the getAppsFlyerUID API and compare the ID's you are getting.
Swift:
let appsflyerId = AppsFlyerTracker.shared().getAppsFlyerUID()
Objective-C:
NSString *appsflyerId = [AppsFlyerTracker sharedTracker].getAppsFlyerUID;
For every new install, you should see a new AppsFlyer ID.
For this to work in between app reinstalls, you'll have to keep the "old" AppsFlyer ID in a persistent data storage like KeyChain or an internal BI system - so you can compare (or check if a previous ID exists).

Find files accessible outside of my organization

In the Drive.Files.List I can, using the 'q' parameter, get all files a user can read/write or own. I would like to be able to use regular expression in the query value. For example set q to be "not '.+#my-org.com' in writers".
Is such a query already supported?
Do I have another way (except invoking Drive.Permissions.List for each and every file in my Drive) to get this information from?
Seems the only account level drive API is part of the report API - activities list. This API (and admin console - audit - drive) section is only supported in the unlimited license. Still haven't found the proper API get the drive state (list all files metadata in the account, permissions etc.) seems that the state can only be inferred from analyzing the relevant activity events assuming the activity is not being evicted after a predefined period of time.
My conclusion, at the moment, is that there is no "root" directory at the account level. "root" is only with respect to the logged in user.
I would be more than happy to be proved wrong.
Uri