Nova postagem

Pesquisar

Anúncio
· Dez. 13, 2024

[Video] Security In the Cloud - Assuring a Secure InterSystems IRIS Cloud Overlay

#Nuvem #Global Summit 2024 #Vídeo #Summit #InterSystems IRIS

Hi Community,

Enjoy the new video on InterSystems Developers YouTube:

⏯ Security In the Cloud - Assuring a Secure InterSystems IRIS Cloud Overlay @ Global Summit 2024

Much of what makes the cloud unparalleled as a business enabler gives rise to unique security challenges. While embracing self-managed resource stewardship at a mass scale and global reach with looser allowances and greater freedoms, the cloud can quickly become the Wild West. In this session, we’ll review the challenges and provide guidance on taming that landscape. We’ll consider aspects such as governances, guardrails, defenses in depth, cloud well-architected principles, identity and privilege management, observability, and data protection.

🗣 Presenter: Scott Abrutyn, Cloud Security Architect, InterSystems

Enjoy watching, and look out for more videos! 👍

Discussão (0)1
Entre ou crie uma conta para continuar
Artigo
· Dez. 13, 2024 5min de leitura
Open Exchange

SharePoint/ SPO API with intersystems

#Concurso #REST API #Caché #Ensemble

As part of the Open Exchange competition Salford Royal (Dean White and Mark O'Reilly) developed a REST API for sharepoint as a template that works but can also be a starting point to your own Rest Applications 

Prerequisites

This is using the v1 REST sharepoint API you need a tennant id, client id, client secret and tennant name 

Setup 

Configure an OAuth server

 

The code in the middle is the tennant ID 

Create a client config name as whatever you want 

Set up the oauth client replacing your server ip with the ip of the server you are on (not the VIP address- if not part of a VIP localhost may work) 

Add in client credentials 

 

change over the settings on SharepointRESTConnector like HTTPSERVER,SHAREPOINT-SITENAME- SHAREPOINT FILEPATH- SSL (blank up to 1.3) params replace the tennant name and tennant id. 

Code 

SharePointOnlineRESTOperation

OAuth Scope isn't user in this example  but left here as a template if you need it for other rest implementation 

It uses and builds on default rest   Set tSC=..AddAccessToken(.tHttpRequest) which manages the token and will pass through any additional properties required for the API. For sharepoint API it requires a resource and this gets added in the settings in the comment notes 

/// For SPO the Params should be {"resource":"00000003-0000-0ff1-ce00-000000000000/{TennantName}.sharepoint.com@{TennantID}"} <p>
/// 00000003-0000-0ff1-ce00-000000000000 is the ResourceID asigned to SPO by Microsoft, and should not change <p>
/// {TennantName} should be changed to the same as the HTTP server e.g.intersystems.sharepoint.com <p>
/// {TennantID} is the ID for your server name tennancy

Get File list 

Will call list of files in the folder you have. It can run the time since you last downloaded or all files It queries ens header.

It calls the GetFolderByServerRealativeURL

 Set ..Adapter.URL="/sites/"_$$$URLENCODE(..SharepointSitename)_"/_api/web/GetFolderByServerRelativeUrl('"_$$$URLENCODE(..SharepointFilePath)_"')/Files"_filter Set ..Adapter.URL="/sites/"_$$$URLENCODE(..SharepointSitename)_"/_api/web/GetFolderByServerRelativeUrl('"_$$$URLENCODE(..SharepointFilePath)_"')/Files"_filter

 The response gets read by the processer. 

It all sends http messages like POSTMAN would 

A Constuct response method was taken from the generic operation intersystems had written to return http responses 

DeleteFile

Calls a delete send request to getfolderbyserverrelativeurl/files 

key lines below 

 Set ..Adapter.URL="/sites/"_$$$URLENCODE(..SharepointSitename)_"/_api/web/GetFolderByServerRelativeUrl('"_$$$URLENCODE(..SharepointFilePath)_"')/Files('"_$$$URLENCODE(pRequest.FileName)_"')"
  Set tSC=..AddAccessToken(.tHttpRequest)
  	s tSC = ..SendRequest(.tHttpResponse,send,tHttpRequest, .pResponse)
    Quit ..constructResponse(.tHttpResponse,.pResponse)

DownloadFile

if it is a Ens.StringContainer (you could make this a bespoke message extending this of like Messages.DownloadSharpointFile) it reads the name and then sends the name in the api url. it reads the response pack and will add to a steamcontainer the binary stream. As always we create the stream and then package it up into the streamcontainer. 

Key code below (changed some s to set for display here) 

  set binaryStream =##Class(%Stream.FileBinary).%New()
  Set tSC=..AddAccessToken(.tHttpRequest)
  Set ..Adapter.URL="/sites/"_$$$URLENCODE(..SharepointSitename)_"/_api/web/GetFolderByServerRelativeUrl('"_$$$URLENCODE(..SharepointFilePath)_"')/Files('"_$$$URLENCODE(pRequest.StringValue)_"')/OpenBinaryStream()"
  Set tHttpResponse = ##class(%Net.HttpResponse).%New()
  set send="GET"
  set tSC = ..SendRequest(.tHttpResponse,send,tHttpRequest, .pResponse)
  set pDownloadResponse =##Class(Ens.StreamContainer).%New(binaryStream)
  set pDownloadResponse.OriginalFilename=pRequest.StringValue

Add File

GetFolderByServerRelativeUrl/filepath/Files/add(url=filename,overwrite?)

Key lines 

Set ..Adapter.URL="/sites/"_$$$URLENCODE(..SharepointSitename)_"/_api/web/GetFolderByServerRelativeUrl('"_$$$URLENCODE(..SharepointFilePath)_"')/Files/add(url='"_fn_"',overwrite="_$$$URLENCODE(..OverwriteExistingFile)_")"
Set tSC=..AddAccessToken(.tHttpRequest)
  s tHttpRequest.EntityBody=##Class(%Stream.FileBinary).%New()
	s sc=tHttpRequest.EntityBody.CopyFromAndSave(pFileToUpload.Stream)
	Set tHttpResponse = ##class(%Net.HttpResponse).%New()
	S send="POST"
	s tSC = ..SendRequest(.tHttpResponse,send,tHttpRequest, .pResponse)

Send Request 

This does the sending of any request expecting a http response. 

Does the handing of responses and reuns a ENSLIB.HTTP.GenericMessage. A lot of headers come back and there is a check box to simplify the response back to just be error code and data. 

Construct Response

Used from elsewhere in TIE not original code in this method

AddAccessToken

This was the real learning. this is default type code to use the intersystems OAuth settings and not hardcode this each time we need to use it. 

It's all built around three calls 

is authorised and 

  Set isAuthorised = ##class(%SYS.OAuth2.AccessToken).IsAuthorized(..OAuthClientApplicationName,sessionId,..OAuthScope,.accessToken,,.responseProperties,.error)

 Get access token


Set tSC = ##class(%SYS.OAuth2.Authorization).GetAccessTokenClient(..OAuthClientApplicationName,..OAuthScope,.properties,.error,.sessionId)

and a Add token which adds it to the header - unfortunetly it doesn't look like it could add to the body if credential is required there by other apis


        ;The default for sslConfiguration comes from the OAuth2.Client instance.        
        Set tSC  = ##class(%SYS.OAuth2.AccessToken).AddAccessToken(pHttpRequest,sendType,,..OAuthClientApplicationName,sessionId)

The additional bit is the Sharepoint API requires a resource. Now we have generalised this to use JSON so if you need any other parameters we thought lets add it as JSON so we can reuse the template in the future.

it adds it to the string object that the properties used. its like an array serialised string or something 

  s paramsarr = [].%FromJSON(..Params)
            s iterator = paramsarr.%GetIterator()
            s properties=""
            While iterator.%GetNext(.key,.value)
            {
                s properties(key)=value
            }

Example traces

 

Getting file list

Downloading files

deleting files

is if you tick this box 

Adding files

Thanks to @Dean White 
 

https://youtu.be/485dTXYp2BU

Update - add YouTube link and fix open exchange link 

2 Comments
Discussão (2)1
Entre ou crie uma conta para continuar
Resumo
· Dez. 13, 2024

[Last call to participate] Internal Tech Article Contest for Employees

#Resumo #Developer Community Oficial

Dear colleague,

There is still time to participate in the Internal Technical Article Writing Contest:

✍️ Tech Article Writing Contest for InterSystems Employees ✍️

Write an article on any topic related to InterSystems products or services and publish it on the Developer Community by December 15, 2024.

🎁 Gifts for all participants + three main prizes for the best articles!

➡️ All details can be found here.

Artigo
· Dez. 13, 2024 2min de leitura
Open Exchange

Intersystems Interoperability Enhancements with IRIS Whiz

#Concurso #Importação e Exportação de Dados #Portal de Administração #Dicas e truques #Ferramentas #Ensemble #InterSystems IRIS #InterSystems IRIS for Health #Open Exchange

The latest "Bringing Ideas to Reality" InterSystems competition saw me trawling through the ideas portal for UI problems to have a go at. 

I implemented the following ideas in the IRIS Whiz browser extension, so if you use the management portal to help with your day-to-day integration management this extension could be for you!

Feature Added: Queue refresh

Iris now has an auto refresh dropdown for the Queues page. Will refresh the queue at the interval selected. Does not load on Ensemble as it already has this feature.

Useful if you have an upcoming clicking competition and need to rest your clicking finger.

Implemented from idea: https://ideas.intersystems.com/ideas/DPI-I-487

 

Feature Added: Export Search as CSV

On the Message Viewer page you can click the Iris Whiz Export button to download a CSV copy of the data currently in your search table.

Useful if you want to do quick analysis on your data but don't want to use the fancy new Chart.JS page I spent ages creating (see that in action here!).

Implemented from idea: https://ideas.intersystems.com/ideas/DPI-I-566

 

Feature Added: Production Page Queue Sort

Added sort options for the queue tab on the production page. Defaults to sorting by error count. Click a table header to switch between asc and desc sort order. Use the search bar to find items quickly.

Useful if you don’t want to scroll to get to the biggest queue.

Implemented from idea: https://ideas.intersystems.com/ideas/DPI-I-628

 

Feature Added: Category Dropdown Case-Insensitive Order

Alphabetises the category dropdown list on the production page, regardless of case. Without this the order is case dependent.

Useful if you want to find things in the category list but don’t want to have to re-categorise everything into the same case to do it.

Implemented from idea: https://ideas.intersystems.com/ideas/DPI-I-625

 

Bonus! 

There’s also a refresh rate on the message viewer tab on the production page.  This will also refresh your queue tab if you select an interval and navigate to the queue tab. 

If you like any of these ideas please download the browser extension and let me know your thoughts. You can find a setup video on the OpenExchange listing which I recommend watching as you will need to complete some of it for most of the functionality to work!

Discussão (0)1
Entre ou crie uma conta para continuar
Artigo
· Dez. 13, 2024 3min de leitura
Open Exchange

Speedier Message Viewer Analysis with IRIS Whiz

#Analytics #Concurso #Importação e Exportação de Dados #Pesquisa de mensagens #Ferramentas #Ensemble #HealthShare #InterSystems IRIS #InterSystems IRIS for Health #Open Exchange

Prefer not to read? Check out the demo video I created:



As an interface developer I often get asked questions that require investigations into large quantities of messages. For example during a recent meeting our project manager asked me how many sites were actually using our newly set up orders interface.

Usually I'd be trying to copy the Message Viewer output to paste into Excel or simply run a message report for each individual site placing orders and using the message count returned…

This time however, using the Iris Whiz browser extension I had options.

 

Option 1 - Simple: Export CSV

An idea implemented from the InterSystems Ideas portal, simply click the Export as CSV button in the IRIS Whiz button bar to download the current search as a CSV file for easy Excel/Sheets manipulation.

 

Option 2 - Fancy: Analyse

In this case, I had just completed the Analysis tool in my Iris Whiz browser extension.

By adding the PV1-3.2 value to my message search criteria in Message Viewer I could easily run the report, click analyse and instantly have this information to hand in a simple doughnut chart - no exports needed.

 

 

Next, the project manager wanted to know what types of exam these sites were ordering. I added the OBR-4.2 value to my search criteria and re-ran the report. Clicking the analysis button now showed me the sites ordering and the exams ordered. (Each message search criteria is presented as a doughnut graph, tagged on to the end of the graph half of the analysis page)

Queue the third question.

Which sites are ordering which orders?

By clicking the required site in the interactive Doughnut graph I could view the data in the Data Viewer half of the analysis page. Another click on the filter button inside this box applies this data selection as a filter to all graphs - meaning that the exams Doughnut graph now shows the exams ordered for this site only.

Site graph and exam graph filtered by site:

 

And finally the hardest question.

When is this all happening?

Sifting through message times in the Message Viewer page to see when orders are being placed is a non-starter...

Fortunately I'd added a timeline graph to the analysis page.

I removed the filter and clicked the 'Show on Line Graph' button (toggled to ‘On’ for the PV1-3 chart in the screenshot above) to show the site data on the timeline graph at the top of the page.

A quick screenshot later and we were able to send out this report to our sites so they could confirm the number of orders for each day and ensure everything was working as expected.

These reports were to be run weekly, but luckily for me this task had become easy, especially when paired with the saved search function in the message viewer page so I never had to remember which search criteria to add.
 

Final Points

1. Sensitive Data:

The data in your Message Viewer search is sent to a new browser tab and as soon as the tab is closed it is gone - so no worries about sensitive data being saved in the browser. If you want to save a report use the default InterSystems functionality for Saved Searches and just run the report again at a later date. I had planned on a saving mechanism to save searches from the Analysis page but it didn't make the cut in this version.

2. Speed:

The analyse page is powered by the message search and I’ve put no hard limits into the amount of data it can show. The more messages and search criteria you add to your search, the slower the analyse page will go. With that in mind I’ve added a pop-up if you try to load more than 200 messages which allows you to choose if you want to load the bar chart at the top of the page or not. 

The bar chart shows every message as a selectable box. Clicking the box on the chart will add the message to the Selected Messages box in the data viewer (left) side of the page. You can then click the ‘View Selected Messages’ button to open these messages on a new page and take advantage of the message comparison features of the extension.

When clicking this button try not to have too many messages selected. Up to around 10 should be fine. 

Loading the bar chart with large data sets of 10,000s will definitely not be good for your browser but I've left it up to the user to decide.

3 Comments
Discussão (3)1
Entre ou crie uma conta para continuar