Specifications on the URLs used to invoke Dashboards

Owned by DevPortal Editor (Unlicensed)
Last updated: 23/01/23 by Onesait Platform
4 min read

Introduction

There are four URLs to access the dashboards: two in view mode and two in edit mode. There are two of each, since some are view or editfull URLs that are invoked from the control panel and viewiframe and editfulliframe that are invoked embedded in iframes or from the dashboard wrapper.

…/controlpanel/dashboards/view/{id}

…/controlpanel/dashboards/editfull/{id}

…/controlpanel/dashboards/viewiframe/{id}

…/controlpanel/dashboards/editfulliframe/{id}

In these four URLs, {id} is the dashboard’s identifier.

…/controlpanel/dashboards/view/{id}

When to use it?

This URL is used to access a dashboard in view mode, not being able to modify gadgets or dashboards.

It is the URL that is invoked from the control panel to open the dashboard in view mode.

What security is applied to gain access?

  • It is accessed from the browser cookies after having started a session on the platform.

  • It can also be accessed using the oauthtoken parameter. For example, from the browser you can launch this URL (In this case, we use the onesaitplatform lab as host):

    https://lab.onesaitplatform.com/controlpanel/dashboards/view/6dba9148-b807-4104-a118-9d897cf44ee7?oauthtoken={OAuth2 Token}

  • {OAuth2 Token} is the oauth2 token, without the Bearer prefix. For example, if your token is:

    “Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwcmluY2lwYWwiOiJhZG1pbmlzdHJhdG9yIiwiY2xpZW50SWQiOiJvbmVzYWl0cGxhdGZvcm0iLCJ1c2VyX25hbWUiOiJhZG1pbm...”

     

  • you must assign the following value to the parameter: https://lab.onesaitplatform.com/controlpanel/dashboards/view/6dba9148-b807-4104-a118-9d897cf44ee7?oauthtoken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwcmluY2lwYWwiOiJhZG1pbmlzdHJhdG9yIiwiY2xpZW50SWQiOiJvbmVzYWl0cGxhdGZvcm0iLCJ1c2VyX25hbWUiOiJhZG1pbm...

     

…/controlpanel/dashboards/editfull/{id}

When to use it?

This URL is used to access a dashboard in edit mode, it allows modifying, adding or removing gadgets, changing styles, creating tabs to have several pages within the dashboard, etc.

It is the URL that is invoked from the control panel to open the dashboard in edit mode.

With this URL we have access to the complete dashboard editing button, without any limitation, which will be displayed adjusted in the upper right part of the dashboard, it also allows you to edit the gadgets by accessing the forms for editing the gadgets of the control panel, clicking on the edit option of the menu in the head of the gadgets.

It also allows you to create gadgets or use those already created by dragging them from the add item option.

What security is applied to gain access?

  • To have full access to all the options that are allowed from the editor, it is necessary to have a platform session started in the browser.

  • It can also be accessed through the oauthtoken parameter but we will find the problem that part of the editing options will not work, such as creating a new gadget of the types bar, foot, table ..., or editing gadgets of these types, because Since you have not created a session, you do not have access to these control panel screens.

 

…/controlpanel/dashboards/viewiframe/{id}

When to use it?

This URL is used to access a dashboard in view mode, not being able to modify gadgets or dashboards. It is used to show a dashboard embedded in an iframe or an example of iframe from the dashboard wrapper:

<iframe id="sonIframe" src="https://lab.onesaitplatform.com/controlpanel/dashboards/viewiframe/6dba9148-b807-4104-a118-9d897cf44ee7?oauthtoken={OAuth2 Token}" style="height: 500px;width: 100%;background-color: #abcbea"></iframe>

This URL works the same as /view/ and has been maintained for backward compatibility with previous versions of the platform, since in previous versions you could not access with the oauthtoken from the /view/ URL.

What security is applied to gain access?

  • It can be accessed using the oauthtoken parameter.

  • It is also accessed from the browser cookies after having started a session on the platform.

 

…/controlpanel/dashboards/editfulliframe/{id}

When to use it?

This URL is used to access a dashboard in edit mode embedded in an iframe or from the dashboard wrapper. It allows you to modify, add or remove gadgets, changing styles, etc.

It is the URL that is invoked from the control panel to open the dashboard in edit mode.

With this URL, you can have access to the dashboard edition button limited or not show it. Within the limitations it does not allow editing the gadgets by accessing the forms for editing gadgets in the control panel, and certain items of the gadgets menu are also limited.

This post explains in more detail how to configure what to see and what not to see, when accessing in embedded editing mode:

https://onesaitplatform.atlassian.net/l/c/66UWPq21

However, it is prepared to be able to communicate from the parent element of the iframe in case of being embedded in an iframe through messages, being able to create and add gadgets to the dashboard, edit existing ones, save the dashboard, etc., as explained in this post:

https://onesaitplatform.atlassian.net/l/c/JBXhLFGg

What security is applied to gain access?

  • To have full access to all the options that are allowed from the editor, it is necessary to have a platform session started in the browser.

  • It can also be accessed through the oauthtoken parameter, but then we will find the problem that part of the editing options will not work, such as: creating a new gadget of the types bar, foot, table, ..., or editing gadgets of these types, because, since you have not started a session, you do not have access to these control panel screens.


These apply to all types of URLs

Multitenants usage specifications

When the platform installation is configured in multitenat mode, it is necessary to specify the vertical and username parameters in the URL to be able to open the dashboards corresponding to the correct tenant and vertical, for example:

https://lab.onesaitplatform.com/controlpanel/dashboards/viewiframe/6dba9148-b807-4104-a118-9d897cf44ee7?oauthtoken=ffqerqwerf…&vertical=vertical001&username=username001

Specifications on passing parameters by URL

When a dashboard is invoked, it can be configured so that it receives specific parameters and, with these, filters the data from the gadgets.

We define these parameters when we are editing the dashboard in the URL Parameters icon:

We can indicate whether they are mandatory or not. If they are mandatory and are not defined in the URL, the dashboard will request them through a popup.

This post explains this point in more detail:

https://onesaitplatform.atlassian.net/l/c/ty1cerPc