Thanks! Great references. Working on the https://ai2.metricrat.co.uk/guides/how-to-have-secure-rules-on-firebase-and-allow-auth-users-to-readwrite
demo.
I have a question here.... how do we log off. That block is not available. How do I use the firebaseAuth component for that?
Thanks in advance.
1 Like
from my third link above:
//signout user
if ( wvstr.split(",")[5] == 'SIGNOUT' ) {
auth.signOut();
}
1 Like
Thank you for the code to signout the user, however i am presently trying out your code using firebaseauth (refer https://ai2.metricrat.co.uk/guides/how-to-have-secure-rules-on-firebase-and-allow-auth-users-to-readwrite). So could you please let me know how to apply your code in firebaseauth?
Thanks.
As it says in my how to:
Sign Out / Log off is handled when the app is closed, but the idToken will expire after one hour, the user will need to Sign in again.
There is no method provided in the extension for sign out.
Thanks for the clarity on how the firebaseauth does not have a way of signing off.
And thank you for the demo app. It works very well and I am getting tons of ideas on how to use it in my own app. That was a really fabulous demo: simple, succinct yet fully implementable within minutes!
I would also like to request you for some help related to the demo.
Once a user is logged in, he is given a useridToken and all his data is stored under a branch which has the id of his token. Now here is my question (so that I can strategize the architecture of the Db): I have various users who create data records that are added to their own branches of the Db. Now the data of all these users needs to be accessed by a supervisor (who is logged in using his own ID) to view, edit AND write in his comments in some empty fields that are already available. These are then viewed by the users and acted upon. To summarize, how do I get a supervisor (a different person with a different id) to view and edit another user's data?
You would have to write a set of rules in firebase for that user - the supervisor, in order to give them read/write access to everything.
Something like this:
1 Like
Thank you, went through the url then tried the following, regrettably did not work. Any suggestions?
Something like this?
{
"rules": {
".read": true,
".write": "auth.uid === 'dJrGShfgfd2'"
}
"myusers": {
"$uid" : {
".read": "$uid = auth.uid",
".write": "$uid = auth.uid"
}
}
}
You may need to put it around the other way....?
{
"rules": {
"myusers": {
"$uid" : {
".read": "$uid = auth.uid",
".write": "$uid = auth.uid"
}
}
".read": true,
".write": "auth.uid === 'dJrGShfgfd2'" //the supervisor uid
}
}
It might be more accountable to let the supervisor only read the users' branches,
and have a list of the user IDs to track them all. Let the users know a branch ID of the supervisor that is read-all so they can see the supervisors' comments about their branch data.
Alternatively, if the supervisor has to revise user data, log his changes under each user branch separately, like comments on a Google Doc.
Thank you. The last part worked.
So I managed to get the data to load on to the realtime Db using your metric rat page that combines the firebaseauth and web components.
I could now use some suggestions on how to upload images/docs to the firebase storage using a similar combo of firebaseauth and web components.
That is a great idea, thanks. Will try it out once I finish with the image upload part.
Dear Tim,
A request, is it possible for you to give me a single string that I can place in the web component (in the blue ringed area)? The currentuidpath is a unique name for the folder in which the images would be placed. 'firebaseio' would probably become 'appspot' and so on. I can extract the required parts of the string and concat them together, so no issues there. This would really make it simple for me, especially since I've already got the authentication and realtime Db string via the web component working perfectly. Of course there needs to be some place in the string for the MIME type.
Thank you for all the help.
Not quite sure what you mean. My firebase storage example uses the webviewer, not the web component to upload files, thus encompassing all the credentials as well ?
Oh, I have not tried the webviewer. Thanks. Will try it.
BTW, another issue. When I try capturing the path of a file from my mobile for upload of the content, the path looks weird and does not upload using the firebasestorage component. The path looks like "content://com.android.externalstorage.documents/document/primary%3Aenglishbook.pdf" (for a pdf file) and "content://com.android.media.documents/document/image%3A234543" (for a jpg image)
Do I need to remove/add some text to this so as to make it an uploadable path?
Here are the blocks I use to access files in my phone
It is easiest to use Taifun's File extension and the block provided to convert a content uri to a file path.
Also, be wary of file paths at the moment, the last update to App Inventor introduced some changes, especially for Android 9 and 10, that moves file locations. It will get worse/better when Android 11 comes along.
OMG! a change of path will be catastrophic! Will lookup Taifun's File Extension ASAP.
I would also like to offer you a gigantic THANK YOU for answering so many of questions, so patiently ... and so promptly.
May the force be with you!
Tried Taifun's file extension to convert the relative path to a final path but got the error:
Permission Denial: opening provider com.android.externalstorage.ExternalStorageProvider from ProcessRecord{87dc33e 19819:edu.mit.appinventor.aicompanion3/u0a427} (pid=19819, uid=10427) requires that you obtain access using ACTION_OPEN_DOCUMENT or related APIs
Note: You will not see another error reported for 5 seconds.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.