# |
Jun 9th 2019, 00:44 |
JDD_Canada |
I guess is hsould have checked foc first to see if they had a plugin |
# |
Jun 9th 2019, 00:44 |
JDD_Canada |
thanks, I'll try this |
# |
Jun 9th 2019, 00:44 |
JDD_Canada |
aaaah |
# |
Jun 9th 2019, 00:44 |
JDD_Canada |
well, already the docs seem better. I am going to want to extend it with a nextcloud adapter in the next dev round. |
# |
Jun 9th 2019, 00:44 |
challgren |
josegonzalez/cakephp-upload is what you need for composer |
# |
Jun 9th 2019, 00:43 |
challgren |
It uses Flysystem which has a ton of Adapters |
# |
Jun 9th 2019, 00:42 |
challgren |
https://github.com/FriendsOfCake/cakephp-upload |
# |
Jun 9th 2019, 00:42 |
JDD_Canada |
thanks |
# |
Jun 9th 2019, 00:41 |
challgren |
FOC |
# |
Jun 9th 2019, 00:41 |
JDD_Canada |
I will take a look right now :P |
# |
Jun 9th 2019, 00:41 |
challgren |
Have you looked into FOK/Upload? |
# |
Jun 9th 2019, 00:41 |
JDD_Canada |
Ive never really understood the event system, I am struggling here |
# |
Jun 9th 2019, 00:41 |
JDD_Canada |
I am trying to figur eout burzum/filestorage |
# |
Jun 9th 2019, 00:41 |
challgren |
Depends on what your doing |
# |
Jun 9th 2019, 00:40 |
JDD_Canada |
There is no functional difference between adding code to bootstrap.php, or putting inside the bootstrap() function of Application.php, correct? |
# |
Jun 9th 2019, 00:37 |
JDD_Canada |
oh, I feel much better now. These guys have a hodgepodge of dropbox, shareit, sharepoint, they have no idea where anything is hah ha. Thanks for the input |
# |
Jun 9th 2019, 00:16 |
challgren |
Yeah I wrote all those rate limits and alerting and it hasnt been triggered once either |
# |
Jun 9th 2019, 00:15 |
challgren |
Yeah my use case was a contractor could work for a number of tenants and/or be a tenant so the UUID was the best way to allow the contractor to access the job |
# |
Jun 9th 2019, 00:14 |
JDD_Canada |
Ah, that's great. I am not the only one with this idea :) that ratelimiting and blocking is a fantastic idea, no one is going to guess a uuid in 5 tries hah ha Thanks |
# |
Jun 8th 2019, 23:27 |
challgren |
@JDD_Canada thats my implementation for the contractors, yeah its not the best but its better than being public. Plus you can have rate limiting and a blacklist for invalid URLs. In my app if someone access a Invalid UUID more than 5 times they are blacklisted from accessing them for 5 minutes, then if they try 3 more times in a 24 hour period I’m alerted about the IP and can choose to firewall it if needed. |
# |
Jun 8th 2019, 23:24 |
challgren |
@adithya You need to whitelist the url with Facebook |
# |
Jun 8th 2019, 18:24 |
adithya |
Hi, I'm using admad's hybrid auth plugin and I'm trying to integrate FB login and I have whitelisted my redirect url to https://mywebsite/hybrid-auth/endpoint but fb is still throwing an error asking me to whitelist the redirect uri, can somebody please help me figure this? |
# |
Jun 8th 2019, 17:57 |
JDD_Canada |
I suppose i'm a little nervous putting business logic and data on a public access uri. Feedback for other devs using cake will give me the bit of handholding I need to take the risk hah hah |
# |
Jun 8th 2019, 17:55 |
JDD_Canada |
is before, and if so, considerations they took. Right now, the client is sharing with share it, and they have all their info in excel files, and the public links are awful :/ |
# |
Jun 8th 2019, 17:55 |
JDD_Canada |
I don't have a problem. I am thinking I have this neat idea, and I am going to rush headlong into it. It seems it is at least in part, security through obscurity. Technically, the information and functions are publicly available, but realistically, a char(36) uuid will not be guessed. I'm wondering if anyone here has here has done something like th |
# |
Jun 8th 2019, 17:23 |
graziel |
not sure where is the problem |
# |
Jun 8th 2019, 17:19 |
JDD_Canada |
s accessed by regular users. From a design standpoint, I am interested in thoughts.. this is a way out there idea. The client really likes the thought of managing access keys rather than users. |
# |
Jun 8th 2019, 17:19 |
JDD_Canada |
The idea being appurl/p:uuid would show the project, appurl/p/uuid/c/uuid would be the contrators access. Sort of like the very email function, but the hashes would be active for a longe rterm - the life of the project. pretty much the remote users only need to update statuses and send daily reports, the meat of the app is in the reporting, which i |
# |
Jun 8th 2019, 17:16 |
JDD_Canada |
expressed trepidation on having to manage user accounts (there will be many, and most users will have difficulty) So my idea is for the client to manage access hashes, which would be a char(36) uuid. so they could assign authorization by hash, and then the users could access via url. I'd parse the hash to figure out what they are allowed to see. |
# |
Jun 8th 2019, 17:16 |
JDD_Canada |
I have a design question - I am just looking for some input here. I am building a project management / resource tracking app. However, the users of the app are not generally computer users, and they are all contractors with different companies. As well, these contractors will fall under the purview of different vendors in the system. The client has |
# |
Jun 8th 2019, 16:01 |
graziel |
no problem |
# |
Jun 8th 2019, 15:59 |
loginews |
thanks a lot |
# |
Jun 8th 2019, 15:59 |
loginews |
Maybe I will go that way |
# |
Jun 8th 2019, 15:59 |
loginews |
The link you just gave is interesting |
# |
Jun 8th 2019, 15:58 |
loginews |
I have used custom sql queries before, by calling the connection manager |
# |
Jun 8th 2019, 15:55 |
loginews |
that would be a solution, except that I thought that once I manage to list what I am looking for in a find(), deleting them all would have been a simple operation. |
# |
Jun 8th 2019, 15:54 |
graziel |
second one will be a bit slower but imo easier |
# |
Jun 8th 2019, 15:54 |
graziel |
or just write query in orm and iterate over results with `$this->Rep06->delete($entity);` |
# |
Jun 8th 2019, 15:53 |
graziel |
you can use sql expression you write yourself if you want speed https://book.cakephp.org/3.0/en/orm/database-basics.html#running-delete-statements |
# |
Jun 8th 2019, 15:51 |
loginews |
the above snippet is the model table for rep06 |
# |
Jun 8th 2019, 15:51 |
loginews |
I want to delete all records in cptran where cshdet is not linked and is null. |