I work on chat app one to one chat and my database structure is
"rules": {
"Messages" :{
"$chatId" : {
".read": "root.child('Chat_members').child(chatId).child(auth.uid).exists()",
".write": "root.child('Chat_members').child(chatId).child(auth.uid).exists()"
}
I want to implement delete message so if user1 delete message i will hide it and display it only for user2 ,i can do this from client side but it is very inefficient way to request all data where there is for example just one message that will display for user1 how to do this from firebase rules? can I find any help?
As the documentation says security rules don't filter data. Instead you need to ensure that the client only reads the data you want to show.
I don't seen an easy way to do that to your structure without adding more data. In fact, the simplest way I can think of is to simply replicate the chat for each user and then actually delete the message from their data structure when needed.
Related
I am exporting Teams chat history to html and need to work out how to query for the chat name.
When I know the chat id I can get the chat with
graphClient.me().chats("19:xxxxgbl.spaces").messages()
I can then page through the collection and output all the chats.
However, I don't know how to get the chat id from the API in the first place.
I was able to find the first one from the Graph Explorer with /beta/me/chats and then searching the preview for a channel name and finding the name in the topic field.
The same section/value doesn't exist for one on one chats with a colleague though. When I search the output of /beta/me/chats for my colleagues name it doesn't find it.
When I scroll down the output I see it has a webUrl field. Clicking on the 3rd item of the response to /beta/me/chats shows me the 3rd chats in the sidebar of Teams.
How can I find the chat id with the Java API if I know my colleagues name that I am chatting with?
Have you tried using the Search endpoint https://learn.microsoft.com/en-us/graph/search-concept-chat-messages . You can query on To, From or use Participants which would return anything where the target either sends or received a chat message eg
POST https://graph.microsoft.com/v1.0/search/query
{
"requests": [
{
"entityTypes": [
"chatMessage"
],
"query": {
"queryString": "participants:blah#blah.com"
}
}
]
}
This then returns both the ChatId and the MessageId
There is also an Export API https://learn.microsoft.com/en-us/microsoftteams/export-teams-content (it has a cost involved) if you where doing things a tenant level.
I want to be able to send a notification to a user IF something changes.
For example, my application is crime-related. So users can submit reports of crimes that have happened in their neighborhoods.
When a new crime is reported, I want to be able to send ALL users in that specific neighbourhood a notification, even if they are not actively using the app.
How can this be done? I'm quite new at this but to my understanding services like Firebase Messaging require you to type out a message manually and select users to send the message to manually. I'm wondering if there's a way this can be done without someone having to manually do work?
Similar to how snapchat/instagram and stuff will send you notifications that someone has sent you a message even when you are not using your phone.
In my case, I just want the same standard notification "New crime in your area" to be displayed...
How can I do this? (Currently for notifications I'm just using Notification Channels), thank you so much!
You can easily do this using Parse Server through FCM integration.
First, you need to setup your Android app to be able to receive push notifications
Just follow this Quickstart: https://docs.parseplatform.org/parse-server/guide/#push-notifications-quick-start
Second, you need to create a cloud code function
I suggest you to create a cloud code function that will receive the neighborhood as parameter, will query for the user installations in that neighborhood and send the push notification to all of them.
It would be something like this:
Parse.Cloud.define('notifyCrime', async req => {
const query = new Parse.Query(Parse.Installation);
query.equalTo('neighborhood', req.params.neighborhood); // I'm supposing you have a field called neighborhood in your installation class - if not, you can save this field there when the user sign up
await Parse.Push.send({
where: query,
data: {
alert: 'There is a crime in your neighborhood'
},
useMasterKey: true
});
});
Reference: https://docs.parseplatform.org/js/guide/#sending-pushes-to-queries
Third, you need to call the cloud function from your Android app
Once some user has reported a crime, you can call the cloud code function that you created in step 2 to notify all other users in the same neighborhood.
It would be something like this:
HashMap<String, Object> params = new HashMap<String, Object>();
params.put("neighborhood", "The neighborhood goes here");
ParseCloud.callFunctionInBackground("notifyCrime", params, new FunctionCallback<Object>() {
void done(Object response, ParseException e) {
if (e == null) {
// The users were successfully notified
}
}
});
Reference: https://docs.parseplatform.org/cloudcode/guide/#cloud-functions
"my understanding services like Firebase Messaging require you to type out a message manually and select users to send the message to manually".
This is not completely true. There is a method name Firebase Topic Messaging, that lets you send notifications to specific user segments only. You have to register from the app for that topic and then, you can send customized message to your user groups based on topics they subscribed to.
i am building a chat android app that allows users to chat where users can create account and use all the features. It's about to be completed but there's a problem, actually a question.
Is firebase on android safe ?
In my firebase database, i have created a rule as follow:
{
"rules": {
".read": "auth != null",
".write": "auth != null"
}
}
Now, this rule will reject any non authenticated users from accessing the data and pushing data or deleting any of it. But, when user creates an account on my chat app, he/she will be authenticated and my app will allow to make modifications. What if they reversed engineered the app and changed some of the codes and pushed invalid datas or removed some of the values from database coz they are already authenticated ?? How can i prevent that ?
When user creates account in my app i use:
auth.createUserWithEmailAndPassword(email, password)
.addOnCompleteListener(RegisterActivity.this, new OnCompleteListener<AuthResult>() {
This will create a new chat user for the app. So, user is creating his/her own account and they know the credentials and everything. I am so confused, how can i prevent them from editing my codes ?
You can't prevent malicious clients from executing whatever code they want against your Firebase project. Someone will always find a way to compromise your app at runtime on a device that you can't fully control.
The way to protect your data is through sophisticated security rules that:
Requires users to be authenticated (as you already have)
Decide which users can read and write to which locations in your database
Reject invalid data from being written
This requires a fair amount of thought and effort. You can start with the documentation to learn more.
Please also read this question on Quora for some more ideas.
I am writing a service which would store picture associated with registered email. So, other domains would have a possibility to get image of the user by email. The main goal is not to upload it each time as nowadays we have to register almost everywhere and that process is quite annoying.
My application is written on Java and I am using REST API.
For example, user's account information is available by login:
#RequestMapping(value = "/get/{login}",
method = RequestMethod.GET,
produces = MediaType.APPLICATION_JSON_VALUE)
#ResponseBody
public ResponseEntity<User> getByEmail(#PathVariable String login) {
User user = userDao.getUserByLogin(login);
return Optional.ofNullable(user)
.map(result -> new ResponseEntity<>(
result, HttpStatus.OK))
.orElse(new ResponseEntity<>(HttpStatus.NOT_FOUND));
}
And now, what i want is to send just updated data to the domains which gonna use my service. How could I figure that out? I think I could ask "domain" to provide some information in order to use my service (some king of registration), but what exactly should I ask for to be able to send data udpdates?
In my thoughts they should also provide some REST path where I could send some kind of request that something has changed.
Any help would be appreciated a lot, thanks.
This is essentially a pub-sub model . You publish some information , on various defined events , to whoever has subscribed to it . Look at this as a subset of state syncronisation of the user information across various endpoints.
In your case , the 'domains' you are referring to would be subscribers of your service and the events could be 'itemAdded' , 'itemAdded' etc. You would want to 'push' out the updates ( or whole info) to the subscribers when the event they have subscribed for occurs , instead of them trying to pull this at some frequency ( that would be a lot of waste calls to your server - you dont want that ! )
There are various solutions available that could achieve this . The one I am going to point you to is called Twilio Sync . This would obviously mean that the 'domains' would have to do some changes at their end to subscribe and consume the updates , but I dont see how else could they be regularly updated if they want information pushed.
Send last update date to the endpoint from the domain which
use it. Then check which data was updated after that date and return
appropriate response.
Talking about image, you can always return URL for download but add last update field. The service which use REST service will determine to download it or not.
Also you may need event driven messaging, publish–subscribe pattern (https://en.wikipedia.org/wiki/Publish%E2%80%93subscribe_pattern). Related threads:
How would I create an asynchronous notification system using RESTful web services?
Event Based interaction style in REST
Firebase for mobile apps: https://firebase.google.com/docs/notifications/
I am really rookie and need an advice.
I have read documentation, and as far as i understood if you need send direct message, follow next steps:
Make authentification, eventually you get Firebase TokenId and
userId
Send them to your server side and store it in DB
When you are going to send a message you need create json and put
inside topic text and resipent userId so on...
Send this json via HTTP to your server side
When server retrive this json, it should use Firebase API to
create new message bloc child with random name in firebase
Eventually server have to find recipent user in DB by userId that we get from message.
After server will find current recipent user by userId , next we should take firebase tokenId In order to sent notification .
And send recipent user notification with such data - name of new
message bloc child
Recipent will connect to this current bloc and retrive data
It is as i understood this consept, fix me please if smth wrong?
Your suggested approach sounds good. The most important thing to realize is that you require an app server to send a downstream message to a device. Using the database as the communication mechanism between the app and the app server is a popular approach.
You could also use Cloud Messaging's upstream capabilities. But I've never tried that approach, because the database works fine for me and I had little interest in learning yet another protocol (XMPP).
You can read how I implemented it in this Firebase blog post Sending notifications between Android devices with Firebase Database and Cloud Messaging.