What are the review requirements regarding QUERY intents? - actions-on-google

Due to hardware restrictions, we are unable to retrieve the current status of many of our lights (their color/brightness/etc.).
In the QA test cases spreadsheet found here, at the bottom under Deploying, a number of QUERY intents are listed to be tested. Does this mean our Smart Home application will not be able to pass certification?
Thank you for reading.

There is some expectation from the user to know the status of your their house at any time. If you cannot retrieve the state directly from devices, you should be able to use your cloud provider to store a virtual equivalent of the device. Then instead of querying the device directly you can return the state of the virtual device.

If anything, just try to be honest with the review team and they will keep certain limitations in mind.
When submitting for review make sure you provide them with a perfectly working test environment. So if some of your lights don't function like you want them to and you can't get their info, don't provide them for testing.
I'm not familiar with the review process of Smart Home applications but if you provide the review team with the right information of which hardware is and isn't supported I'm sure they won't straight up reject your application for it.

Related

Creating Actions for Personal use only

My house has an home automation system from the 1960's that I have managed to tap into. I've been able to setup an interface which allows me to write adapters for various technologies such as Node Red, Alexa, and now Google Assistent.
Given that this will only ever work with my house, I see no reason to make public Smart Home Actions. On Alexa's side, I can let these services stay in a Development state indefinitely which has worked great for the last 6 months. On Google's side, however, the FAQ says (https://developers.google.com/actions/smarthome/faq):
Q: How often do I need to run gactions test?
A: gactions test needs be refreshed every 3 days. After 3 days the test agent will disappear from mobile-HomeControl settings. If you run into this, just run gaction test again.
Therefore, I was wondering what they best way is to make a PERSONAL Google Actions service? Of course, the obvious method would be to script and schedule the gactions call to keep testing alive but I would hope there was a better way to support this!
Additional details: I'm using Amazon's OAuth service for sign-in. This way, I can validate the Amazon ClientID, UserID, etc. through the AccesssToken Google passes in for authorization. Therefore, I could theoretically run this publicly without any issues but I would need to figure out how Google could review it for testing purposes! I don't need some Google employee turning on and off my lights while the Google Maps car drive by to verify the change... ;)
I would just use a script to call gaction periodically.
Publishing it would unnecessarily pollute the Actions directory. Also, they'll make you jump through hoops for "brand verification" and other restrictions they have for naming invocation terms.
If you did publish it, you give them a temporary account for verification purposes and disable the account when published. They would be randomly controlling the lights during the verification period though which can be up to a week!

Password login for ios app

I am currently developing an app for a company that is in a very competitive field. I have finished all of the features of the app that they requested except for one, making it somehow protected from their competing companies to download and use. I thought that I could set up a UIViewController with a password field that would check against some kind of database, but I'm not sure how to do the checking against a database part nor the practicality of it, and was hoping I could get some ideas on how to do this so that other companies couldn't steal and use this app without a password or something that changes like every 30 days or something and is kind of like an activation code.
Review the WWDC 2012 video "Building and Distributing Custom B2B Apps for iOS". I'm unsure if your app is in this B2B classification, it seems that it might be from your description.
What I ended up doing (if everyone needs a reference) was setting up a server with an SQL table that has pass codes in it. Since apple does not allow for any sort of system that requires you to "buy the app from outside the app store" I made a dumby username field (shame on me) that takes any value you like and then requires to have a pass code that fits. Once the pass code gets authenticated with the web server in a json sql request (there are plenty of api's to do this with) it comes back and sends the user to the first screen and sets a value in a plist with how many days of use the user has left. Whenever the user opens up the app it checks to see if the date is different from the last date logged in (saved in the same plist file) and if it is different then it calculates the difference and deducts that many. When the count reaches 0 it sends the user to the pass code authentication screen again. A bit complicated but an effective method of getting around Apple's restriction on not having a sort of pass code system like this. Thanks for the answers, unfortunately enterprise did not work for this company since they needed to be able to distribute the app to as many 3rd party members as they wanted to without having to worry about them leaving the company for other suppliers and remote management of the app (I.e ability to remote uninstall) was also not an option. Hope this helps someone someday!

Way to expose appstore IDs but keep them secured for release

I am working on an application that will allow the user to purchase content from the app store
https://developer.apple.com/library/mac/#documentation/NetworkingInternet/Conceptual/StoreKitGuide/Introduction/Introduction.html#//apple_ref/doc/uid/TP40008267-CH1-SW1
These products require a "ProductID" that ties them to whatever is in the appstore.
I will need to store these IDs somewhere in the application so I know what to send the server when the purchase button is clicked.
I wish to expose these ID's and allow non-programmers to enter any ID they want in both our side and the server side, and not have to call on a programmer to go into the code and change some enum.
I figured a config file would not be very secure, for in the end it's just a text file that a user could potentially view after purchasing the app. May not be a huge problem if a user saw the ID, but I don't like the idea of anybody seeing the innards that go through a payment process
Assuming im making sense here, whats a good way to expose these IDs but still keep them secure so users may not find them?
Also curious, how secure is something like an enum in c++? Can people break the .exe down and see the code and its values?
For your final question, yes and no. If they have access to the debugging information (a PDB in Microsoft land) then yes. But armed with just an exe and disassembler, you will see only the constant values that are assigned to the enum members.

Testing a Product that Includes Syncing and other Network Requests

I am nearing the release of an iOS app that syncs and otherwise interacts with a server. I am struggling with a testing procedure that can cover most/all possible situations. I don't have any experience with automated testing so I have been doing everything manually so far with the iPhone simulator and a physical device.
How would I start designing automated tests that can help me get better coverage of possible situations and also serve me well in the future as I make changes and add new features?
You probably need to be more specific in your question. ie. outline how you communicate with your server, what technology is being employed etc.
But as a general approach the first thing I would be doing is looking to find a way to get reproducable results from the server. For example if I send a message asking for a record with an id of 'x' then the server will alwasy return the same record with the same data. There are severa ways to do this, one would be to load a set of test data into your server. Another would be to create a local test server and talk to that instead. Another option is to avoid the server all together in your automaticed tests and mock out the communication classes in your app. It totally depends on what you are trying to test and how.
Once you have your back end dealt with you can then look into automating the tests. This very much depends on how you have dealt with the server. For example, if you are performing an integration style test where you actually talk to a server, then the test might take the form:
Reset or clear the server data.
Load it with predictable data.
Run the iOS app using some testing framework and verify any data sent from the server.
Access the server and verify any changes made there.

Copying data from Field Test Mode

I'd like to copy out some data from the iPhone field test mode. Is there any way to do it? I'm using the data for testing, so it's not necessary to require App Store approval.
Since the field test mode is a built-in application that gathers information on the phone and its network, you can't really do anything to interact with it.
The information that the application gathers is likely taken from the private API. If there's specific information you're tying to get, I would ask a more specific question here on stackoverflow about it.