I'm developing a chat app. In my app there are 4 nodes called User, Recent, Message, Group. I'm using Objective-C My message object looks like,
{
"createdAt" : 1.486618017521277E9,
"groupId" : "-KcWKeXXQ9tjYsYfCknx",
"objectId" : "-KcWKftK8GiMxxAnarL5",
"senderId" : "828949592937598976",
"senderImage" : "http://hairstyleonpoint.com/wp-content/uploads/2014/10/marcello-alvarez.png",
"senderName" : "John Doee",
"status" : "Seen",
"text" : "Hi all",
"type" : "text",
"updatedAt" : 1.486622011467733E9
}
When I'm updating a User, all message's senderName should be updated accordingly. Is there are way to do this via the code or Do I need to write a rule. I'm a newbie to the firebase. Please suggest me a way to do that. If It's possible to do with the rules, Please guide me on this.
It's not possible to do this via rules, so you have to manually iterate over all your data and update the senderName.
Anyways, I think you would probably be better off with saving {senderID: $someUserID} instead - like you would do in a relational database. The userID is static, so can change the user without having to update all the instances where you use it.
Related
There is a need for me to do bulk update of user details.
Let the object details have the following fields,
User First Name
User ID
User Last Name
User Email ID
User Country
An admin can upload the updated data of the users through a csv file. Values with mismatching data needs to be updated. The most probable request format for this bulk update request will be like:(Method 1)
"data" : {
"userArray" : [
{
"id" : 2343565432,
"f_name" : "David",
"email" : "david#testmail.com"
},
{
"id" : 2344354351,
"country" : "United States",
}
.
.
.
]
}
Method 2 : I would send the details in two arrays, one containing the list of similar filed values with respect to their user ids
"data" : {
"userArray" : [
{
"ids" : [23234323432, 4543543543, 45654543543],
"country" : ["United States", "Israel", "Mexico"]
},
{
"ids" : [2323432334543, 567676565],
"email" : ["groove#drivein.com", "zara#foobar.com"]
},
.
.
.
]
}
In method 1, i need to query the database for every user update, which will be more as the no of user edited is more. In contrast, if i use method 2, i query the database only once for each param(i add the array in the query and get those rows whose user id is present in the given array in a single query). And then i can update the each row with their respective details.
But overall in the internet, most of the update api had params in the format specified in method 1 which gives user good readability. But i need to know what will be advantage if i go with method 1 rather than method 2? (I save some query time in method 2 if the no of users count is large which can improve my performance)
I almost always see it being method 1 style.
Woth that said, I don't understand why your DB performance is based on the way the input data is structured. That's just the way information gets into your code.
You can have the client send the data as method 1 and then shim it to method 2 on the backend if that helps you structure the DB queries better
I want generate value using json schema. But json schema not support file type.So i add custom key word inheritType . Now i validate this schema it throw Exception.
So How to slove this problem. and How to add custom keyword in json schema
This My Json Schema
{
"type" : "object" ,
"properties" : {
"file" : {
"type" : "string" ,
"inheritType" : "File"
}
}
}
This is my java code throws Exception
{
"level" : "error",
"schema" : {
"loadingURI" : "#",
"pointer" : "/properties/file/inheritType" ,
"ignored" : ["inheritType"]
}
It sounds like you might want to add the keyword to those allowed, based on this github issue comment.
This is an implementation choice. The primary goal of these messages
is to, in fact, detect spelling mistakes (consider pattenrProperties
for instance).
As the report says, these warnings will be ignored; therefore you need
not worry about these.
Note that you have the option to either:
configure the log level so that those warnings do not appear in the
final log, or update the dictionary of keywords so that this keyword
is recognized.
I can't see how to do this in the javadocs though. Sorry.
I'm trying to figure out the right way to handle permissions in a single page app that talks directly to several RESTful APIs, that implement HATEOAS.
As an example:
"As a user of my application I can view, start and pause jobs but not stop them."
The underlying rest API has the following resource:
/jobs/{id}
Which accepts GET and PUT. The GET returns a job model and the PUT accepts a job model as a request body in the form:
{
"_links" : {
"self" : "/jobs/12345678"
}
"id" : 12345678,
"description" : "foo job",
"state" : "STOPPED"
}
Accepted job states can be: dormant | running | paused | stopped.
The requirement says that on the UI I must have the buttons:
START, PAUSE, STOP
... and only display based on the logged in user's permissions.
From the API perspective everything works as the underlying logic on the server makes sure that the user cannot update the state to a STOPPED state when a request is made (a 401 is returned maybe).
What is the best way to inform the app / UI of the user's permissions, so it can hide any buttons that the user has no permission to action?
Should the API provide a list of permissions, maybe something like :
{
"_links" : {
"self" : "/permissions",
"jobs" : "/jobs"
}
"permissions" : {
"job" : ["UPDATE", "DELETE"],
"job-updates" : ["START", "PAUSE"]
}
}
OR should the API change so that the permissions are reflected in the HATEOS links maybe something like :
{
"_links" : {
"self" : "/jobs/12345678",
"start" : "/jobs/12345678/state?to=RUNNING",
"pause" : "/jobs/12345678/state?to=PAUSED",
}
"id" : 12345678,
"description" : "foo job",
"state" : "DORMANT"
}
Or should it be done in a completely different way?
UPDATE
I've found the following article which suggests an answer:
https://softwareengineering.stackexchange.com/questions/215975/how-to-handle-fine-grained-field-based-acl-permissions-in-a-restful-service
I would go with the latter: Imply permissions based on which links are present.
If the link isn't there, the user can't access the resource/perform the action. If it is, they can. That's what I'd do, because it's simple and clean and leaves little to the discretion of the front-end code. Decoupling, yo.
Alternatively, if you do want to include all the links in each response but explicitly specify which are allowed and which aren't, if you use a format such as HAL to write your links, you could extend it with a flag on each link like so:
{
"_links" : {
"self" : {
"href":"/jobs/12345678",
"allowed":false
},
"start" : {
"href":"/jobs/12345678/state?to=RUNNING",
"allowed":false
},
"pause" : {
"href":"/jobs/12345678/state?to=PAUSED",
"allowed":false
}
},
"id" : 12345678,
"description" : "foo job",
"state" : "DORMANT"
}
I would go with the latter. The reason I don't like the former is because you are creating extra work for the client by requiring it to figure out the mapping between permissions and the resources they permit access to. If you use hateoas and check for the presence of relation types, this mapping is done for you by the server. It also means the uris can change without breaking the client.
I recently wrote a blog post on this area:
https://www.opencredo.com/2015/08/12/designing-rest-api-fine-grained-resources-hateoas-hal/
You should be using forms, not links, to provide state transition hypermedia.
If you cannot provide forms in your media type, provide links to URIs which use another media type that supports forms, such as XHTML.
IANA has link relations for create-form, edit-form and delete-form for this purpose.
Also, please do not use start and pause as real link relations. If you define them yourself, they must be URIs (preferably HTTP URLs, but any URI under your control will suffice). start has a completely different meaning to what you're using it for, and pause is not defined.
I'll start by saying that I'm really new (about two days now) to iPhone dev and Objective-C. I'm still getting used to the syntax, memory management, etc.
I'm trying to use RestKit to interact with a server which allows JSON REST requests. After issuing a GET request I get data of the form:
GET : /api/beast/1/
{
'species' : 'elephant',
'resource_uri' : 'api/beasts/1/',
'owner' : '/api/beastmaster/3/',
'name' : 'Stampy'
}
GET : /api/beastmaster/3/
{
'resource_uri' : '/api/beastmaster/3/'
'first_name' : 'Bart',
'last_name' : 'Simpson'
}
The thing is that the owner property of the beast objects is sometimes populated with the resource URI string and sometimes with an actual full json representation of the object, as follows:
{
'species' : 'elephant',
'resource_uri' : 'api/beasts/1/',
'owner' : {
'resource_uri' : '/api/beastmaster/3/'
'first_name' : 'Bart',
'last_name' : 'Simpson'
},
'name' : 'Stampy'
}
What I want to do is to provide an easy to use interface to request the owner property asynchronously, it should check whether it already has a full representation of the object, and in that case execute the callback immediately or, if it doesn't, issue the appropriate GET request and execute the callback when the response arrives.
If this was JavaScript, some ways to achieve this may be:
//Alternative 1
beast.getOwner(function(owner){
console.log("Owner is: " + owner);
});
//Alternative 2
beast.get("owner", {
'success' : function(){...},
'error' : function(){...}
});
Most RestKit examples I've seen implement the protocol to handle the response on the same object that executes the request. I don't like this because in this case one class may require various related object properties (which would be obtained asynchronously).
What would be the best way to achieve the desired behaviour providing a simple and clear interface for the other programmers which would be using the model classes to develop the rest of the app? Maybe using blocks?
Well, as far as I can see from your JSON response, there has been a design irregularity. It seems complex enough to put 1-2 hour extra research and 1-2 hour extra coding just for that. My fast solution is to change the model view to have a consistent value whether owner : "uri" or owner : { ownerObjectProperty: value }.
The slow solution would be, you would have 2 values in your mapped object. 1st one would be NSString *rawValueForOwner, 2nd is OwnerObject* ownerObject.
You would map owner JSON value into rawValueForOwner mapped object via protocols. Parsing the value and deducting if it starts with "{" then parse that rawValueForOwner into an object via RestKit manual parsing methods. If it doesn't start with "{" then make an another call to your RESTful server to fetch the object then again link beast and owner into each other manually.
I would have taken the high way :)
This link contains how to parse JSON string into an object... Deserializing local NSString of JSON into objects via RestKit (no network download)
Hey I am looking to implement a permissions system like in highrise or facebook.
The issue with such an problem is that permissions have to defined on a instance of the object(visibility). Off the top of my head i can think of saving user_ids, or group_ids in a hash for every record. Is that the best way to do it?
I am using mongodb so that should make it easier. Although we can switch to sql also (highrise probably does it with sql).
Edit: I ended up writing a gem that works with mongoid, you can read more about it here
#Abhishiv: given this task, I would implement some form of convention for setting access by field.
Given an object like the following:
{
name : "me",
user : "me01234",
salary : "100",
address : "123 Nowhere drive"
}
I would add permissions by doing something like this:
{
name : "me",
user : "me01234",
salary : "100",
address : "123 Nowhere drive"
p_salary : [ 'g/accounting', 'g/management', 'u/owner' ]
p_address : [ 'g/accounting', 'g/hr', 'u/me' ]
}
With conventions like this, you can maintain document-level access permissions. And it's pretty easy to see how to program such a thing.
Now typically you want access permissions on both the object and the collection itself. This keeps the whole process much more DRY. For such a thing, I would simply build a "permissions" collection that contains default permissions for each other collection in the DB.
Off the top of my head, I don't know of any framework that does this "out of the box". I would look at Mongoid and MongoMapper and see if this type of detail isn't appropriate for a plug-in.
Look into Cancan: https://github.com/ryanb/cancan
Have you tried declarative authorization?