How to create user with ROLE_API_ACCESS in Sylius? - oauth-2.0

I followed the official REST API documentation of Sylius but couldn't create the user with the field user[authorizationRoles]. Since role_user is the default role, I provided an array of roles as mentioned in the docs, like this:
POST http://localhost:8000/api/customers/
firstName = Ram
lastName = Thakuri
email = ram@yahoo.com
gender = m
user[plainPassword] = ******
user[authorizationRoles] = [ROLE_API_ACCESS]
I even searched similar posts but couldn't find the right answer. I don't know where I am wrong, but I got a validation failed message and the errors below (I am using Postman).
{
"code": 400,
"message": "Validation Failed",
"errors": {
"errors": [
"This form should not contain extra fields."
],
"children": {
"firstName": {},
"lastName": {},
"email": {},
"birthday": {},
"gender": {},
"phoneNumber": {},
"subscribedToNewsletter": {},
"group": {},
"user": {
"children": {
"plainPassword": {},
"enabled": {}
}
}
}
}
}
I want to receive an access token using OAuth for every registered user so that they have API access.
I am a newbie to Sylius, so please help me out on this.
Thanks in advance

You are not able to do it out-of-the-box. The endpoint you are trying to use is related to customers, therefore setting authorization roles has been removed. This part of the documentation is outdated. You can open a PR with the fix, if you want :)
Anyway, it will be possible to do it with the PR #7711 which will allow managing SyliusUsers but through /users/ endpoint which will not create a customer.
The best solution for you would be to customise Sylius\Bundle\CoreBundle\Form\Type\User\ShopUserType and add that field to FormType. Just take a look at the PR I have mentioned before.
Just as a warning, I want to stress that ShopApi is an experimental concept for Sylius, so you can meet a lot more complex problems if you want to use it this way. It is doable, but not trivial.

Related

Can't add Teams bot to a channel

This was originally a support ticket to Microsoft. However, they told me they don't do dev support without paying for it. They directed me to Stack Overflow, so here goes nothing.
I'm developing a bot for Microsoft Teams. I have registered my bot with Azure Active Directory and Bot Framework. I have uploaded my app to Teams without any errors. My bot is currently able to send direct messages to Teams users. However, when I try to add my bot to a Teams channel, I get unhelpful errors.
I click the dropdown under my app in the Apps tab:
I click "Add to a Team", then select a channel:
After clicking the button "Set up a bot", I get the following error message:
I have checked and rechecked my webApplicationInfo.id and webApplicationInfo.applicationPermissions numerous times, and I'm at a loss for what could be amiss. I don't see how either of these fields could be wrong, given that I can authenticate with both the Microsoft Graph and Bot Framework APIs using these values. Here's a slightly redacted version of my Teams app manifest:
{
"$schema": "https://developer.microsoft.com/en-us/json-schemas/teams/v1.8/MicrosoftTeams.schema.json",
"manifestVersion": "1.8",
"version": "1.0.15",
"id": "<TEAMS_APP_ID>",
"packageName": "ambition",
"developer": {
"name": "Ambition",
"websiteUrl": "https://ambition.com",
"privacyUrl": "https://ambition.com/privacy",
"termsOfUseUrl": "https://ambition.com/pages/terms"
},
"icons": {
"color": "logo_opaque_192x192.png",
"outline": "logo_transparent_32x32.png"
},
"name": {
"short": "Ambition",
"full": ""
},
"description": {
"short": "Motivate & Recognize",
"full": "Ask Marketing"
},
"accentColor": "#FFFFFF",
"permissions": [
"identity",
"messageTeamMembers"
],
"validDomains": [
"ambition.com"
],
"bots": [
{
"botId": "<AZURE_ACTIVE_DIRECTORY_CLIENT_ID>",
"scopes": [
"team",
"personal",
"groupchat"
],
"isNotificationOnly": true
}
],
"webApplicationInfo": {
"id": "<AZURE_ACTIVE_DIRECTORY_CLIENT_ID>",
"resource": "https://ambition.com",
"applicationPermissions": [
"Channel.ReadBasic.All",
"ChannelMessage.Send",
"Group.Read.All",
"Notifications.ReadWrite.CreatedByApp",
"Team.ReadBasic.All",
"User.Read",
"User.ReadBasic.All"
]
}
}
The webApplicationInfo section is really only for two things: Tab SSO, and Resource-Specific Consent. Are you trying to implement either one of those? If not, removing it is definitely the best option, as you've noted in your answer.
In addition, I see that the resource values you've put in there are Microsoft Graph scopes, whereas the applicationPermissions section is expecting a different list of options (they look kind of similar, but they're not the same thing). See here for more: https://learn.microsoft.com/en-gb/microsoftteams/platform/graph-api/rsc/resource-specific-consent#resource-specific-permissions
Don't really know why this works, but I compared my app manifest to the one generated by going through this tutorial: https://learn.microsoft.com/en-us/microsoftteams/platform/build-your-first-app/build-bot.
Removing the webApplicationInfo property from my manifest fixed the issue. Don't really understand why it was causing a problem in the first place.
https://learn.microsoft.com/en-us/microsoftteams/platform/resources/schema/manifest-schema#webapplicationinfo
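A pre-upload check for the manifest problem discussed in this thread, as an added example that is not part of the original posts or of any Microsoft tooling. It assumes that resource-specific consent (RSC) permission names end in `.Group` or `.Chat`; the function names and the `uses_sso_or_rsc` flag are hypothetical.

```python
import copy

# Assumption: RSC permission names end in ".Group" or ".Chat"; names such as
# "Group.Read.All" are Microsoft Graph scopes and do not belong in this list.
RSC_SUFFIXES = (".Group", ".Chat")

def non_rsc_permissions(manifest: dict) -> list:
    """Return applicationPermissions entries that do not look like RSC names."""
    info = manifest.get("webApplicationInfo") or {}
    return [p for p in info.get("applicationPermissions", [])
            if not p.endswith(RSC_SUFFIXES)]

def review_manifest(manifest: dict, uses_sso_or_rsc: bool) -> tuple:
    """Return (cleaned_manifest, findings) without mutating the input."""
    cleaned = copy.deepcopy(manifest)
    findings = []
    if "webApplicationInfo" not in cleaned:
        return cleaned, findings
    if not uses_sso_or_rsc:
        # The section only serves Tab SSO and RSC, so drop it when neither is used.
        del cleaned["webApplicationInfo"]
        findings.append("removed webApplicationInfo: app uses neither Tab SSO nor RSC")
        return cleaned, findings
    for perm in non_rsc_permissions(cleaned):
        findings.append(f"applicationPermissions: {perm!r} is not an RSC permission name")
    return cleaned, findings

# Constructed sample: the relevant parts of the manifest posted in the question.
SAMPLE_MANIFEST = {
    "manifestVersion": "1.8",
    "bots": [{"botId": "<AZURE_ACTIVE_DIRECTORY_CLIENT_ID>",
              "scopes": ["team", "personal", "groupchat"]}],
    "webApplicationInfo": {
        "id": "<AZURE_ACTIVE_DIRECTORY_CLIENT_ID>",
        "resource": "https://ambition.com",
        "applicationPermissions": [
            "Channel.ReadBasic.All", "ChannelMessage.Send", "Group.Read.All",
            "Notifications.ReadWrite.CreatedByApp", "Team.ReadBasic.All",
            "User.Read", "User.ReadBasic.All",
        ],
    },
}

if __name__ == "__main__":
    for uses in (False, True):
        _, notes = review_manifest(SAMPLE_MANIFEST, uses_sso_or_rsc=uses)
        print(uses, notes)
```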

MS Team[BETA] API for Message object property type for reaction

I am trying to create the schema for Message API
As per the documentation, the sample response properties for reaction provided are below
Documentation sample response
"reactions": [
{
"reactionType": "like",
"createdDateTime": "2019-01-21T19:55:51.893Z",
"user": {
"application": null,
"device": null,
"conversation": null,
"user": {
"id": "e1ecb745-c10f-40af-a9d4-cab946c80ac7",
"displayName": null,
"userIdentityType": "aadUser"
}
}
}
]
From the documentation user is Identity type identity set
Identity is of type:
{
"displayName": "string",
"id": "string",
"tenantId": "string",
"thumbnails": { "@odata.type": "microsoft.graph.thumbnailSet" }
}
From the sample response as well as the response from endpoint, tenantId is not present.
There is a difference in sample response/actual endpoint response and documented properties:
The one with tenantId or one without tenantId.
The user is 1 level as per the property documentation, but as per the actual response and the sample response, the user property has a user within it.
What is the correct schema of reaction property that we should consider, because we see variation in documentation vs actual response ?
ok, I think I understand - you're just asking what you should be coding for / expecting, when you query the api. It looks to me like the first link you've posted is the more correct, but you can verify this by using the Graph Explorer. This response does NOT bring back "tenantId", but you haven't explained if you -need- tenantId. If so, there are other ways to get it.
@KritikaVohra, consider the response that you receive from https://graph.microsoft.com/beta/teams/{id}/channels/{id}/messages. You don't need the tenant id here. In case you need it in a conversation, you can use it from turnContext.

Microsoft Graph - Accessing /me or /user/{id}/ endpoints using client_credentials flow - requested user is invalid

We're using the client_credentials flow to get access for our application to tenants environments. The application has the correct scopes, and we get an access token that is working for other endpoints like /users but when doing a request like the following we get error messages.
GET https://graph.microsoft.com/beta/me/findRooms
{
"error": {
"code": "ErrorInvalidUser",
"message": "The requested user '{userId}@{tenantId}' is invalid.",
"innerError": {
"request-id": "b72d26a3-d0ad-42eb-a3d3-35951cb42b3d",
"date": "2020-01-21T10:21:28"
}
}
}
I understand that there's no "me" when we're just an application, but how do we access these types of endpoints in that case? Do I have to have a user to act as, as well? That seems to me like it defeats the purpose of a daemon like this. Cannot find any clear documentation on this matter. On this page in the docs on the use a token section they even refer to a /me endpoint, which is incorrect in that case.
I've tried requesting the /users/{id}/findRooms endpoint with all the different kinds of IDs I can find in the access token - none of them work.
Other people with the same issue, that have yet to resolve it.
1. Feedback area in docs
2. Github issue
Best regards,
Christopher
Using the /users/{user-id} is the only pattern that will work with client credentials. In your case, this should work, so maybe it's an issue with the id you are using.
To make sure I'm not giving you bad information, I just tested this with an app-only token from the client credentials flow. Parsing that token over at https://jwt.ms, I see the roles claim like so:
"roles": [
"User.Read.All"
]
I first did a GET /users?$select=displayname,id, and this user was included in the response:
{
"displayName": "Adele Vance",
"id": "3103c7b9-cfe6-4cd3-a696-f88909b9a609"
}
This is the id to use in your findRooms call. I did GET /users/3103c7b9-cfe6-4cd3-a696-f88909b9a609/findrooms and got the following response:
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.emailAddress)",
"value": [
{
"name": "Conf Room Adams",
"address": "Adams@M365x330971.onmicrosoft.com"
},
{
"name": "Conf Room Baker",
"address": "Baker@M365x330971.onmicrosoft.com"
},
{
"name": "Conf Room Crystal",
"address": "Crystal@M365x330971.onmicrosoft.com"
},
{
"name": "Conf Room Hood",
"address": "Hood@M365x330971.onmicrosoft.com"
},
{
"name": "Conf Room Rainier",
"address": "Rainier@M365x330971.onmicrosoft.com"
},
{
"name": "Conf Room Stevens",
"address": "Stevens@M365x330971.onmicrosoft.com"
}
]
}
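A local version of the token check described in the answer above, as an added example that is not part of the original posts. It decodes the JWT payload for inspection only (no signature verification), classifies the token by its `scp` or `roles` claim, and picks the findRooms URL pattern accordingly; the function names and the sample tokens are constructed for illustration.

```python
import base64
import json
from typing import Optional

GRAPH = "https://graph.microsoft.com/beta"

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def jwt_claims(token: str) -> dict:
    """Decode the payload segment for inspection; the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected 3 segments)")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))

def token_kind(claims: dict) -> str:
    """Heuristic: delegated tokens carry 'scp', app-only tokens carry 'roles'."""
    if claims.get("scp"):
        return "delegated"
    if claims.get("roles"):
        return "app-only"
    return "unknown"

def find_rooms_url(claims: dict, user_id: Optional[str] = None) -> str:
    """Pick /me or /users/{id} depending on whether a signed-in user exists."""
    kind = token_kind(claims)
    if kind == "delegated":
        return f"{GRAPH}/me/findRooms"
    if kind == "app-only":
        if not user_id:
            raise ValueError("app-only token has no 'me'; pass an id from GET /users")
        return f"{GRAPH}/users/{user_id}/findRooms"
    raise ValueError("token carries neither scp nor roles")

def make_sample_token(claims: dict) -> str:
    """Build a constructed, unsigned token so the example runs offline."""
    header = _b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    return f"{header}.{_b64url(json.dumps(claims).encode())}.constructed-signature"

# Constructed samples: the roles claim and user id are the ones quoted in the answer.
APP_ONLY_TOKEN = make_sample_token({"roles": ["User.Read.All"]})
DELEGATED_TOKEN = make_sample_token({"scp": "User.Read"})
SAMPLE_USER_ID = "3103c7b9-cfe6-4cd3-a696-f88909b9a609"

if __name__ == "__main__":
    print(find_rooms_url(jwt_claims(APP_ONLY_TOKEN), SAMPLE_USER_ID))
    print(find_rooms_url(jwt_claims(DELEGATED_TOKEN)))
```

Decoding locally keeps a live bearer token out of the browser and out of any third-party page.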

How to identify if a OneDrive DriveItem permission identity is a group or a user

We are getting the permissions of a driveItem using Microsoft Graph as documented here.
Each returned permission object usually contains a grantedTo field that has an IdentitySet as its value. But the issue with that is that each Identity is always a user:
"grantedTo": {
"user": {
"displayName": "data Owners",
"email": "data@example.onmicrosoft.com",
"id": "94c3e81b-f6fb-43c6-8df5-b98462ccf191"
}
}
"grantedTo": {
"user": {
"displayName": "Data Members"
}
}
This occurs even though those are Groups. So there's no way, using this data, to identify with certainty what is a Group and what is a User.
We want to avoid any additional request to do so as this can become quite inefficient.
Thus we are asking is there a way to identify if it is a group or user, without any additional API requests? For example some undocumented query parameters or relationships?
I'm afraid this isn't possible because the IdentitySet itself doesn't distinguish between Users and Groups:
{
"application": {"@odata.type": "microsoft.graph.identity"},
"device": {"@odata.type": "microsoft.graph.identity"},
"user": {"@odata.type": "microsoft.graph.identity"}
}

Create Plan (BETA) doesn't seem to work

I'm trying to create a planner plan using Graph as per http://graph.microsoft.io/en-us/docs/api-reference/beta/api/user_post_plans
but I'm consistently getting the following BadRequest response:
"error": {
"code": "BadRequest",
"message": "Write requests are only supported on contained entities",
"innerError": {
"request-id": "eae08944-6f47-477e-9950-ade31c473dd7",
"date": "2016-03-07T11:59:04"
}
As per the docs I'm POSTing to https://graph.microsoft.com/beta/me/plans with the following body:
"createdBy": "<my uuid>",
"owner": "<a previously generated group uuid>",
"title": "Blah Plan"
with no luck. The previously generated group looks like the following:
{
"id": "<uuid>",
"classification": null,
"createdDateTime": "2016-03-07T09:53:26Z",
"description": "Int Test",
"displayName": "Int Test",
"groupTypes": [
"Unified"
],
"mail": "<email_address>",
"mailEnabled": true,
"mailNickname": "IntTest",
"onPremisesLastSyncDateTime": null,
"onPremisesSecurityIdentifier": null,
"onPremisesSyncEnabled": null,
"proxyAddresses": [
"SMTP:<email_address>"
],
"renewedDateTime": "2016-03-07T09:53:26Z",
"securityEnabled": false,
"visibility": "Public"
}
I've tried various combinations of request bodies. With and without createdBy values. With and without owner values. Nothing seems to work.
Any ideas where I'm going wrong? The error is consistent across my integration tests as well as through the graph explorer.
Thanks
As Sriram mentioned, this was a documentation bug. It has just been fixed. The updated URL is: https://graph.microsoft.io/en-us/docs/api-reference/beta/api/plan_post_plans
The issue was in which endpoint to call to create a plan. You should call "/plans" instead of "/me/plans". You should also be aware that some of the data you are passing in is read-only. You should not include "createdBy" because this is a read-only property set by the service, not you. The plan resource documentation will show you all of the properties that can be set on a plan.
The last thing to keep in mind is that you can only have one plan per group. If you try to make a second plan, you'll receive an error about this from the API.
In July 2017 the API was modified and released. The new endpoint for creating a plan now is:
https://graph.microsoft.com/v1.0/planner/plans
with a request body e.g. like this:
{
"owner": "<group-id>",
"title": "my plan title"
}
where <group-id> must be the id of a previously created group.
Apologies for the confusion here. The documentation has a bug and will be updated shortly. To create a plan, please ensure that a group is created, and the user is a member of the group. Then create the plan with owner set to group id, and createdBy set to user id.
For this issue, can you please try following the below steps exactly?
1. Create a unified group
2. Add user to be member of unified group
3. Create plan by sending {"owner": group-id, "title": string} - do not send "createdBy" field since it's a read-only field
For adding tasks to buckets, it should work just fine if you send
{"planId": plan-id, "bucketId": bucket-id, "title": string}
If this still doesn't work, feel free to reach out to me at lixian@microsoft.com.
Thanks,
Sean
