Is it possible to pass the MetaData as a condition to partition a synchronization?
I need the partition value in sync to be different from %%user.id because the value that will control the partition I get from a MetaData in authentication via JWT in Realm, I tried something like %%user.profile.puid , but in the log I get an undefined comparison.
I added the fields in MetaData Fields in authentication via JWT, but what I need the most is the puid as it should control the partition
In the code I can retrieve the value after authentication as expected and set it as a partition value for synchronization
const credentials = Realm.Credentials.jwt(response.access_token);
const user = await app.logIn(credentials);
if (user) {
setUserId(user.profile.puid as string); // State where it will be passed to the sync command on the partition
setUser(user);
}
In the permission configuration I didn't find any example that shows how to retrieve the MetaData value, I tried as follows...
{
"%%partition": "%%user.profile.puid"
}
But when I try to run the log on the realm it tells me that the comparison value is undefined
Error:
could not evaluate sync permissions with error: cannot compare to undefined (ProtocolErrorCode=206)
Partition:
3c403***-****-****-****-*****5b1218f
I don't understand why in the permissions area the rule to retrieve the puid doesn't work because the logged in user has the data, the realm doesn't support this type of operation?
Related
I am getting the Policy Configurations (GET https://dev.azure.com/{organization}/{project}/_apis/policy/configurations) and for the policy of type "Required reviewers" (response array item's type.displayName), there is a property named "ReviewerIds" which is an array of what looks like GUIDs.
However, I do not know how to retrieve information about the user(s) or user group(s) identified by the GUID(s) in that array.
I suspect you're looking either for IdentityByID or IdentityByDescriptor:
https://learn.microsoft.com/en-us/rest/api/azure/devops/ims/identities/read-identities?view=azure-devops-rest-7.0&tabs=HTTP#by-ids
https://learn.microsoft.com/en-us/rest/api/azure/devops/ims/identities/read-identities?view=azure-devops-rest-7.0&tabs=HTTP#by-identitydescriptors
Be sure to call the right endpoint, identity information is from https://vssps.dev.azure.com.
Hello, I have a problem I created a Registration form and im trying to check if there is any user which have a certain username inside the Firebase Db. I tried to get the reference of all the users.
var users = Database.database().reference("users")
But I don't know how I could check if there is any user with a specified username.
You'll want to use a query for that. Something like:
let query = users.queryOrdered(byChild: "username").equalTo("two")
Then execute the query and check whether the result snapshot exists.
Note though that you won't be able to guarantee uniqueness in this way. If multiple users perform the check at the same time, they may both end up claiming the same user name.
To guarantee a unique user name, you will need to store the user names as the key - as keys are by definition unique within their parent node. For more on this, see some of these top search results and possibly also from here.
I'm trying to use Firestore rules to return only documents where the current user has some sort of rights, following the advice given in https://firebase.google.com/docs/firestore/solutions/role-based-access.
However, when I implement the rule I get the dreaded "[code=permission-denied]: Missing or insufficient permissions" error message which obviously tells me nothing, I was wondering if anyone can spot what is going wrong.
My rules:
//Specific project rules - authorised users who appear in the project list
match /documents/{document} {
function isSignedIn() {
return request.auth.uid != null;
}
function getUser(rsc) {
return rsc.data.users[request.auth.uid];
}
function isOneOfUsers(rsc, array) {
return isSignedIn() && (getUser(rsc) in array);
}
allow list: if isOneOfUsers(resource, ['user','admin']);
The data stores the users information in a field on the document (12345 in the example below. The field is of type Object which allows me to put a key (the userid, 76544 in the example below) and a value against it, such as "admin".
My data:
documents/12345/users{76544:"admin"}
Now when I log on and try to get a list of the documents, I'm expecting to see this document coming back, but I get the error. I can change the function getUser to return "user" and that works, so the problem is somewhere in the evaluation of
rsc.data.users[request.auth.uid]
I would normally accept that I'm trying something that can't be done but it is a near direct copy of the official docs so I must be missing something!
Thanks in advance for your help
Here's what I think is going on: LIST is explicitly not checking every document that it is picking up, rules are not filters etc.
When writing queries to retrieve documents, keep in mind that security
rules are not filters—queries are all or nothing. To save you time and
resources, Cloud Firestore evaluates a query against its potential
result set instead of the actual field values for all of your
documents. If a query could potentially return documents that the
client does not have permission to read, the entire request fails.
Therefore, LIST will always return the full list of /documents/, there is nothing you can write in there beyond authorisation rules that will stop it from returning all of them. If this is true, if any malicious actor gets hold of an authentication, they can download the full list of all of your /documents/.
The only sensible approach to this is to lock down any attempt to use LIST (deny all) and keep your list accessible /documents/ against an individual user instead. This seems onerous, but may be the only way of doing it.
I have the following Firebase structure
There is a node that keeps a list of albums by user. In certain circumstances I do not have the user id (E7Bv..), I only have the album id (-L0uG...). If I had both then I could easily access the specific album node.
Since I do not have the userid, i need a way to query the node where the albumin is equal to the value I have in hand. I do not see how to structure such a query.
As one approach I also tried to add the albumid (-L0uG...) to the sub node as the value of _key. I'd prefer not to have to duplicate that value and just query for where the sub-node for albumid equals the value I have in hand for albumid.
Or, if that can not be done then can anyone tell me how to query where the sub-node has a value for _key that matches the value i have in hand - Without knowing the userid node value?
I would like to do something like this ... (where albumRef is the top node for byUser_albums)
albumRef.queryOrdered(byChild: "_key").queryEqual(toValue: albumID).observeSingleEvent(of: .value, with: { snapshot in
of course this fails because _key is not on the userid node, it is on the albumid node. I need to either query by the subnode id, or go deeper to query by _key
UPDATE
From Frank Below. I tried this ...
albumRef.queryOrdered(byChild: albumID).queryStarting(atValue: nil).observeSingleEvent(of: .value, with: { snapshot in
This works and finds the right data. It returns the key of the scoping autoid. The only downside is that Firebase says (in debug log) ....
"**Using an unspecified index. Your data will be downloaded and filtered on the client. Consider adding ".indexOn": "-L0vTQtLwBe_hilTOGid" at /byUser_albums to your security rules for better performance**"
If I were doing a typical read then I could just add the rule to the database, but I can't add this rule because the value that it wants the .indexOn is not a static value - it's an auto. I don't see a way to index on the autoid. I think I will have to restructure the albums node to have user as an attribute instead of defining a scoping node by user. I do not see a way to read without downloading all data and filter on the client.
So i have a form based on one of my table, in wich the id is generated by a function in the database, the username is get from the user in session using the variable :APP_USER and the date has a default value of to_char(sysdate). But the problem is that if I open the page the first time it does work without any error, when I change pages and return to the form I get the error
ORA-01403: no data found
Error Unable to fetch row.
And I don't know why.
If you use the standard fetching process you can check to see which column it uses to fetch a unique row and the item it will use the value from to do this.
If you get the 1403 error then this probably means you are trying to perform a fetch with the value of this page item set to a value which does not exist in the database.
Are you performing a computation on this item? Run plsql code on it? Change it anywhere?
When you get this error, then you can check the session state of the item by clicking "Session" on the developer toolbar. This will show you the session state values of the items, and thus you can see the value of the PK item on which the fetch will operate. If there is an id in there, you can verify whether this value is correct or not.