How can my slack custom command produce /remind me like links - slack-api

I am writting a custom slack command that implements a
task manager like interface (I know ... there are many out there :-), mine interfaces with odesk/upwork to outsource my micro-tasks :-) ) .
Anyway, I like a lot how the /remind command included Complete Delete etc links in its output to facilitate subsequent interactions with the user that entered the command and I am trying to figure out how to do the same trick.
What I have thought so far is to include links in my output that are ... GET /slack-link?method=POST&token=xxx&team_id=xx&command=.. ie carry in their query string the complete json payload that slack would have produced from a normal custom command. slack-link acts as a "proxy" whose sole role is to submit a POST back to my normal slack endpoint. I can even reuse the same response_url for these command-links.
I have not tried it but I think these URLs will just open another window so that path wont exactly work...
Has anybody tried something like that before?

As you've learned, those are currently only available to built-in commands. However, as I was curious and wanted to know how those are done, I looked in the API and found out that the URLs are just formatted normally but have a special "protocol":
You asked me to remind you to “test”.
​_<slack-action://BSLACKBOT/reminders/complete/D01234567/1234//0/0/5678|Mark as complete>
or remind me later: <slack-action://BSLACKBOT/reminders/snooze/D01234567/1234//0/0/5678/15|15 mins> [...]
Clicking on such a link results in an API request to method chat.action, with the following parameters:
bot: BSLACKBOT
payload: reminders/complete/D01234567/1234//0/0/5678
token: xoxs-tokenhere-nowayiampostingithere
So it looks like those URLs have three parts:
<slack-action://BSLACKBOT/reminders/complete/[...]|Mark as complete>
slack-action://: the "protocol" like prefix to let Slack know this is a chat action URL.
BSLACKBOT: the bot which (who?) will receive the payload. Can only be a bot user and the ID must start with B, or the API request will fail with invalid_bot.
the rest of the URL: the payload that gets passed to the bot. It doesn't look like this is parsed nor handled specially by Slack.
This is actually not a new feature, since they used to have API URLs back in late 2013 or early 2014 (I don't remember precisely) which they removed for "security reasons".
It could be interesting to see if we can use chat actions with custom bots, and if so, what we could do with it.

I got the answer from Slack support:
In regard to your original question: currently Slack doesn't provide
the ability to embed 'action' links in our custom integrations. Only
built-in features like /remind can utilize these at the moment. For
external services, you'll need to link to a URL that opens in an
external web browser.
We do hope to provide a similar function for custom integrations in
the future, allowing for interactive messages.
Thanks,
Ben

Related

Post Slack message as specific user

I'm building a Slack bot with slash commands and I would like to post a message with an attachment as a specific user (specifically, the user that called the slash command).
I know this is possible because the Giphy Slack integration does so when responding to the /giphy [image] command, by responding as the user with a gif image.
I tried using the chat.meMessage method but this does not appear to support attachments.
I tried using the as_user argument in the chat.postMessage method, but this inherits the authenticated user rather than the user that called the slash command.
Responding to the slash command immediately or performing a delayed response (using response_url) doesn't seem to support non-bot responses. If they do, I can't seem to find where it's documented.
In the slash request Slack does provide both user_id and user_name parameters, so I imagine I can make use of those.
I reached out to Slack with this question, and unfortunately at this time it doesn't look like what I'm asking for is possible. The Giphy Slack integration was internally built.
Maybe in the future!

Edit or forward an existing mail into Gmail Compose Window

I have a Chrome extension which adds new functionalities to the Gmail interface.
I'm trying to create email "templates" which have a default header, footer and signature (using html, images & css). I want to open these templates in order to edit and send them, just filling the actual content of the email.
I was wondering if there is any way to open these emails directly into the Gmail Compose Window or something like that. Maybe there is a parameter to do this using the URL, like: https://mail.google.com/mail/?view=cm&fs=1&id=xxxxxxx.
I've tried loading the template using the body parameter, but it seems that it doesn't support html.
Any ideas?
Finally, I've found a way to open a mail directly into the "Compose" Window, ready to be edited and sent. It's so simple that I can not believe it takes me 2 days to figure it out:
Just use the url:
https://mail.google.com/mail/u/[accountNumber]/?zx=#[tag]?compose=[MailID]
accountNumber is useful if you have two or more accounts at the same time
tag its the mail list that you want to see behind the compose window (ussually inbox).
MailId ... well, the Gmail Message ID.
For instance, https://mail.google.com/mail/u/0/?zx=#inbox?compose=14bbb0dae14fec1f will open the inbox of your first account with a Compose Window opened and pre-populated with the e-mail data.
There is already a feature called "canned Response" in current gmail compose window which is probably solving the same problem that you are trying to solve with your extension.
well I am not sure URL has html support or not but I think it should not support it to protect user from cross-site scripting attacks.
you can also consider Gmail rest API if you want to compose gmail message with your own custom template but using this you may have to do lots of things from scratch.

Its possible to set fields values of a site and submit then with a Programing Language?

I have this site:
https://acad.unoesc.edu.br/academico/login.jsp
And I want to put info in the fields values and submit then, to get the next page and navigate in that site. Thats because I want to create an android app or something like that. Im using lua in first case, with luasocket(http).
I know that the input has its names, but I dont know how to set then and send then to the server. If someone can help me with this.
Thank you.
You can use POST method with luasocket. See the official documentation and a detailed example in this SO answer.
Since you seem to be doing authentication, you'll probably need to save the cookie value returned to you as part of the login response and then pass that cookie back to the server (otherwise your subsequent requests will fail as the server will reject those requests as non-authenticated).
Since you are sending this over https, you'll need to use LuaSec, which provides ssl.https module as replacement for the http module that luasocket provides. You may check my blog post for some example of how this can be done.

Ping/Post Form Handling with PHP?

I'm working with a company on lead delivery, and they sent me some info regarding a Ping Post form setup. I've built hundreds of HTML forms processed by PHP (ie. sending an email/etc), but never something that would Ping a url, then return a value. The value it returns is XML.
Here's the purpose of the process:
I send a lead (form data) using the form with a particular zip code
This company parses that info, decides if it wants to "buy" it
Returns XML saying "Approved" or "Denied"
If "approved", I then post the data, and if "denied", I can do whatever I want
What is a common PHP method for doing this? I can research the code and put something together, just need to know what structure or PHP methods would work?
Thanks in advance.
You should be looking into RESTful Web Services.
here's a few examples that might help you
http://markroland.com/blog/restful-php-api/
http://coreymaynard.com/blog/creating-a-restful-api-with-php/
I did not create these examples, just what I found on Google.
I used file_get_contents(url) to handle the posting. The url contains inputs from the HTML form added as a query string, and the response is in XML which gets handled with simplexml_load_file().
As far as I understand your question what you need is to make an HTTP POST request and parse the incoming XML data.
I would rather not use file_get_contents() on remote servers - there are some potential security issues and it was missing some features the last time I checked. I strongly recommend cURL for remote HTTP/HTTPS communication.
Depending on the API you are posting to you might be able to use the SOAPclient class, but from the look of the response you got all you need is XML parser or Simple XML.
Anyway if you just need to check if a certain keyword (like Approved or Denied) is present you can use a simple string matching like this
if(strpos($response,'<STATUS>APPROVED</STATUS')!==false){
//approved
}
...

Changing the interface of a webservice witout having access to it

I have awebsite, lets just call it search, in one of my browserpages open. search has a form, which when submitted runs queries on a database to which I don't have direct access. The problem with search is that the interface is rather horrible (one cannot save the aforementioned queries etc.)
I've analyzed the request (with a proxy) which is send to the server via search and I am able to replicate it. The server even sends back the correct result, but the browser is not able to open it. (Same origin policy). Do you have any ideas on how I could tackle this problem?
The answer to your question is: you can't. At least not without using a proxy as suggested in the answer by Walter, and that would mean your web site visitors would have to knowingly login to your web site using their other web site's credentials (hmm doesn't sound good...)
The reason you can't do this is related to security, if you could run a script on the tab next to the one with the site open (which is what I'm guessing you want to do), you would be able to do a CSRF attack and get any data you wish and send it to hack.com
This is, of course, assuming that there has to be a login somewhere in the process, otherwise there's no reason for you to not be able to create a simple form which posts the required query and gets the info.
If you did have access to the mentioned website, you would be able to support cross domain xml using JSONP.
It is not possible to bypass the same origin policy in javascript (assuming that you want to do it with that considering your question). You need to set up a proxy server side that is doing the request for you and returns the html.
A simple way of doing this in PHP would be like this:
<?php
echo file_get_contents("http://searchdomainname.com" . "?" . http_build_query($_GET, '', '&'));
?>

Resources