-
Notifications
You must be signed in to change notification settings - Fork 55
Expand file tree
/
Copy pathsigned_chart.html.erb
More file actions
51 lines (44 loc) · 1.64 KB
/
Copy pathsigned_chart.html.erb
File metadata and controls
51 lines (44 loc) · 1.64 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
<h1>Embedding charts with signed parameters</h1>
<p>
This is an example of an embedded chart with a signed parameter. Signed parameters are question parameters that must be signed by the embedding application.
</p>
<p>
The parameter is "User ID". This parameter marked as "Locked". This means that the embedding application's server process must specify a value and sign the request. This prevents an end user of the application from changing the url and seeing other user's charts or dashboards. There is no reference to this ID in the embedded iframe, and it is kept a secret from the end user.
</p>
<p>
To embed this graph in a webpage (as below), you'll need to generate a url on the server by signing a dictionary specifying the resource and it's signed parameters as below
</p>
<pre>
payload = {
:resource => {:question => 6},
:params => {
"id" => current_user.id
}
}
token = JWT.encode payload, METABASE_SECRET_KEY
@iframeUrl = METABASE_SITE_URL + "/embed/question/" + token + "#bordered=false"
</pre>
<p>
In the place you wish to embed the chart in your HTML, insert the below:
</p>
<pre>
<iframe
src="http://<%= @iframeUrl %>"
frameborder="0"
width="800"
height="600"
allowtransparency
/></iframe>
</pre>
<a href="/">Go back to a global view</a>
<p>
This results in the below when put together
</p>
<h1>Orders for User: <%= current_user.id %></h1>
<iframe
src="http://<%= @iframeUrl %>"
frameborder="0"
width="800"
height="600"
allowtransparency
></iframe>