Public Link
When selecting the App Author
permission or the Dataset Author
permission, you can generate a shareable link (not available for User
permission). Both system users and non-logged-in users can view the app through the shared link.
Please Note
Public links are not restricted by the Row Permission Control in App Settings. This means that whether the user is logged in or not, the data viewed through the public link is filtered based on the data connection permissions of the Dataset Author or App Author, and row permissions do not apply. In the User
permission mode, the public link button is not enabled.
Public Link Settings
The public link for the app supports the following settings.
Public Link QR Code
The public link for the app can be shared via a QR code. Click the QR code on the right to obtain it. Mobile users can scan the code to view the app, making sharing more convenient and efficient.
Hide Dashboard Title
When "Hide Dashboard Title" is checked, the dashboard title at the top (highlighted in the red box in the image) will not be displayed when previewing the public link. The functional buttons on the right side of the dashboard title, such as "Fullscreen," "Refresh," and "Export," will also not be displayed. Corresponding parameters will be generated in the app link.
Hide Pager
When "Hide Pager" is checked, the pager (highlighted in the red box in the image) will not be displayed when previewing the public link. Corresponding parameters will also be generated in the app link.
Password Required for Access
For external users, the dashboard information can be shared using a public link with a password to ensure data security. The system is configured with a default random password, but users can also edit and define their own public link password.
HMAC Signature Protection
Many enterprises are highly sensitive about their data and do not want it to be accessed arbitrarily. To ensure the security of shared URL filters, we have added an HMAC hash verification feature in App Settings
-> Public Links
.
The specific steps are as follows:
- The system administrator enables HMAC Signature Protection in
Settings
->Security Policy
->Data Privacy Protection
.
Users can only view and copy the key if HMAC Signature Protection is enabled in Settings
-> Security Policy
-> Data Privacy Protection
.
- Users enable Public Links and HMAC Signature Protection in
App Settings
->Public Links
.
- When enabling HMAC Signature Protection, you can set an expiration time as needed. If not set or set to 0, there will be no expiration time. The validity period is calculated as a time range before and after the current time. For example, if the validity period is set to 60 seconds and the HENGSHI server time is 2021-01-01 10:10:10, the public link will be valid between 2021-01-01 10:09:10 and 2021-01-01 10:11:10.
- When an unauthenticated user accesses the public link, a "Parameter validation failed" message will be displayed.
To embed a shared URL, users must calculate the signature. Click the signature icon, fill in the fields in the popup according to the example, and click calculate to get the signature result.
The format for embedding a shared URL is:
shareUrl?having={having}&where={where}&utcSecond={utcSecond}&signature={signature}
.
Example:
- When an unauthenticated user accesses a link with the signature parameter (HMAC hash verification enabled), modifying "Beijing" to "Shanghai" will result in no data being displayed, and the system will prompt "Parameter validation failed":
https://develop.hengshi.org/share/app/E5FA041D8/dashboard/1?where=[{"op":"in","kind":"function","args":[{"kind":"field","op":"city","dataset":1},{"kind":"constant","op":["Beijing"],"dataset":1}]}]&signature=bf576f3de3259555e2247b64bd341a27a237ef87
Tip
The system administrator can reset the HMAC key in the system settings. At the same time, users must update the key (64-bit hmacKey) in their logic for generating the "hash value."