I'm attempting to iterate through all User Profiles in SharePoint 2010 from a Silverlight application that will be added to a SharePoint page. Based on what I've learned, the User Profile Service is different than the SharePoint Website's store of a list of users who are "members" of the site or have ever visited it. To get that list of users, see this question.
I know about the asmx web service that SharePoint 2010 provides at mysite.com/_vti_bin/UserProfileService.asmx, but that doesn't seem to have anything like a GetAllUserProfiles method. The closest it looks like I can get is by iterating through all users with successive calls to the GetUserProfileByIndex method, but that's far from optimal.
Is there a way to access User Profiles via a built-in Sharepoint 2010 REST-ful service, such as what's provided for site links at mysite.com/_vti_bin/listdata.svc/Links? If not, what approach do you recommend to get all existing User Profiles in SharePoint 2010?
EDIT:
The purpose of this is to provide summary profile information in the Silverlight control. For example, showing the User Profiles that have the most "Interests" set in their profile. This task is only possible by iterating through all User Profiles.
Are you sure you want to do this through a web service? Getting all links for a user means 20 simple urls. Getting all user profiles means 20,000 large complex objects.
Iterating through all profiles is something I have done in import code, but outside of that I can't think of a scenario where it wouldn't make more sense to use search - especially when user interaction is involved.
Related
This is my first question, so I hope I don't miss a thing. To be clear from the start: I don't expect an answer which dives deep into detail. This is just about getting a general understanding of how to work with this kind of software.
So I don't know if "Identity Management System" is a suitable term for what I mean but when I talk about Identity Management Systems I think of something like Azure AD, which as far as I know provides e.g. web developers the possibility to integrate a way users can authenticate (including access privilege etc.) on their website.
What I'm quite unsure about is how to work with/ integrate such tools in a project. I will try to make it clear with an example: Assuming I have a website let's say this website is a blog. The blog consist of different posts which are stored in my own database which is connected to the website. The posts are written by different users which authenticate with a tool like Azure AD. The user's data is stored somewhere on a server run by e.g. Microsoft. If I want to display the posts togethere with the name, email.... of the user who wrote them, how would I do this?
Is it possible to query the user's data directly from the Identity Management System and display it? This does not sound ideal to me as the consequence would be that data the website uses is stored in two different locations.
Would you kind of copy the user's data from the Identity Management System to the websites database and query it from there? This does not sound like a good solution either because then data would be duplicated.
So whats the "right workflow"?
I appreciate any hints and further information I can get:-)
AFAIK To get the user's information like name, email etc. you can add these claims while generating the JWT token.
To generate access token, you have multiple authentication flows such as Authorization code flow, ROPC flow, Implicit flow.
To add the claims that you need to return with the token, you can make settings like below:
Go to Azure Portal -> Azure Active Directory -> App Registrations -> Your app -> Token configuration -> Add optional claims
When you decode the token via JSON Web Tokens - jwt.io you can find the user information that you need.
To know how to generate access token, you can refer SO Thread which I solved it before.
I have been playing around with the Graph API to access the shared calendars and events within an organization.
I can successfully query my organization users and the calendar/events for any of those users. What I would like to do now is to generate a URL allowing you to jump to an outlook web session (eg - https://outlook.office365.com/calendar/) directly to a particular user's calendar (that you have access to).
I can see that Events have a 'WebLink' property that allows you to do this with a calendar event, but I can't find any documentation that indicates how you could jump to a calendar the same way.
I did find some old stuff implying that the old school OWA used to allow this but those url's don't look like they work anymore.
I also tried to pull apart the URL's provided when you 'share' you calendar with an external email address and it sends them a 'click here to add the calendar, or here to see a web view' etc email. That looked kind of promising because it actually DOES provide a direct link to a web version of the calendar; but it it includes a few fields in the URLthat I can't figure out (more than likely the external user auth) so I can't reverse engineer it to build one with the info I have available in the Graph API.
URL was of the form:
https://outlook.office365.com/owa/calendar/<userid>#<domain>/<52CharacterHex_ProbablyAHashedTokenForTheExternalUsersAuth>/<WindowsUserSID_ProbablyToRepresentTheExternalUserOrProxyAccessEntity>/reachcalendar.html
Anyone else got any ideas on how I can launch a web session of another uses calendar (that I have access to)? Ultimately what I am doing is creating a small management dashboard (using a summary built via Graph API data) that shows an overview of a collection of user's calendars but allows you to jump into the any individual user's full calendar if more info is required.
Publish to the web. follow this:
https://support.microsoft.com/en-us/office/share-your-calendar-in-outlook-on-the-web-7ecef8ae-139c-40d9-bae2-a23977ee58d5
basically
OWA -> Settings
Calendar -> Shared Calendars
Publish a Calendar -> copy HTML
I am developing (with help from SO members) an SPFX webpart(s) which comprises of a form and eventually a workflow that is essentially a glorified approval process with a UI connected to several lists and libraries.
After discussing the pros and cons of developing webparts for SP-Online, a developer said a weakness in security was the ability for the end user to simply bypass the web part and go straight to the list or library (if there are no permissions set on that list/library).
To seal off the list/lib I am planning on using SharePoint Designer workflows that run on item creation. This workflow will set access to only the creator and any people picker fields in the UI form.
My question is - are there are tips out there or sure fire processes that I can follow that can protect a project such as this from nosey folk?
Apologies to mod's if this isn't in the right place? Can you redirect me if so?
You could use SecurityTrimmedControl to show or hide components based on the user permissions.
Or custom logic similar as the demo.
Update:
SPFx use current user context(permission) to access SharePoint, so if user could access(CRUD) list data form SPFx, they can get data either by rest api or excel etc.,if you limit user permission for target items, you need other design to bypass this issue(check this thread).
I have a requirement for hierarchical user management system
where I have 3 hierarchies:
User
Manager
Admin
Now, Admin should be able to get a list as well as edit registrations with role 'User' as well as those with role 'Manager'.
'Manger' should be able to get a list of of registrations with role 'Users' and should be able to edit them.
I had thought of proceeding like:
router.get('/:role',auth.isAuthenticated(),auth.hasRole('admin'), users.findByRole);
where hasRole defines the minimum level of role required to access/edit the data.
However, I do not want a Manager to be able to get the List of admins or edit the list of admins.
It should have access to users list only.
This links suggests using bitwise operatorsbut I am pretty confused with the idea of integrating this piece of code with backend i.e saving and retrieving data from mongo db . Can I please get some pointers?
Look at this project: https://github.com/arthurkao/angular-drywall
This is good MEAN-stack based web app template with user management.
I'd like to create visualforce page that inserts a record into salesforce account object. However, I expect some of the page users won't have salesforce accounts. Can they still access it? If not, what are the alternatives that can be used to visualforce page in this case? (Please don't consider Web to Lead Forms).
Thanks,
Yes, it's possible. Go read about Salesforce Sites. For a start:
http://wiki.developerforce.com/page/Websites
http://wiki.developerforce.com/page/An_Introduction_to_Force.com_Sites
(of course it's also possible to write that page in say Java/.NET/PHP and use integration via SOAP or REST to talk to Salesforce... but these 2 main links will keep the whole solution within SF so no need to need to learn new language, have extra maintenance effort etc)
Sites are VF pages that expose a bit of your company's data without need to log in. You can use them to input data too, just remember that in theory anybody could learn the link and spam you (not too different from web2lead, inbound email handlers etc). You specify security in a way similar to Profiles, the records will have "Created By = {site name} Guest User".
I don't think there's anything out of the box to restrict visibility, they're open to whole world. So if you would want something similar to login IP ranges (so only sales reps from your office's network can enter data) - you might have to write some logic in the controller.