How to allow only one user to edit a Parse object? - ios

I'm creating an app that allows co-workers to upload shifts (objects) to Parse that they need covered. I save all the shifts to a "Shifts" class (in the data browser). I want to restrict the ALC so that only the person who uploaded the shift/object can edit it (everyone can "read" it). Is there a way that I can create/upload that programmatically (rather than having to go into the Data Browser and add it manually)?

You can create a relationship between your Shifts and your existing _User table. If you add a shift, you can create a relationship to the _User table. Than, if you retrieve the info, you can check if the user who reads the record is also the one who created it by comparing the active PFUser.currentUser with the user from your shift.
//Initial safe
var user = PFUser.currentUser
var relation = user.relationForKey("shifts")
relation.addObject(yourShiftObject)
user.saveInBackground()

You can set the ACL on objects when you create them. The best would be to define a default ACL that allows the creating user to read and write the object while still allowing public read access.
Example taken from the documentation
var defaultACL = PFACL.ACL()
// Optionally enable public read access while disabling public write access.
defaultACL.setPublicReadAccess(true)
PFACL.setDefaultACL(defaultACL, withAccessForCurrentUser:true)
https://www.parse.com/docs/ios_guide#security-recommendations/iOS

Related

How to realize users feedback with FireBase?

I have an application where user can like photos, comment etc. Functionality like Instagram has.
I want to realize users !feedback!, where user can see information, who liked his photos, who started to follow and etc. I don't know actually how should I organize structure of my database in this situation.
My user node snapshot:
My posts node snapshot:
As I can see, I have next option - I should save all actions, which are linked to user, to his node in internal node Feedback. But how can I keep sync this? For example, someone can follow my user, I will add it to this node, user will unfollow, but the record still remains. I think, that it is wrong way.
I have no other idea actually and I can't find anything about that.
Any suggestions and solutions are much appreciated.
EDIT: I need to understand, how to realize this tab of instagram-like apps:
How to retrieve data for it from nodes?
UPD: DB Architecture in my examples is bad (old question). Be carefull (10.11.2017).
First, let's think about how we need to structure our database for this:
There are two very important principles to follow when structuring data for Firebase:
You should save your data the way you want to retrieve it.
You should keep your data structure as flat as possible - avoid nesting.
Point 1 is because Firebase is not a relational database. This means that we need to keep queries simple in order to achieve performance. Making complex queries might require many requests to Firebase.
Point 2 is because of the way Firebase's query model works: If you observe a node, you also get all the children of that node. This means that, if your data is deeply nested, you might get a lot of data you don't need.
So, having those principles in mind, let's take a look at your case. We have users, who have photos. These are the two primary entities of your database.
I can see that, currently, you are keeping your photos as properties of the users. If you want to be able to query photos by user quickly (remember Point 1), this is a good way to do it. However, if we want users to be able to "favorite" photos, a photo should be more than just a link to its Firebase Storage location: It should also hold other properties, such as which users have favorited it. This property should be an array of user IDs. In addition, for each user, you'll want to store which photos are that user's favorites. This might seem like data duplication, but when using Firebase, it's OK to duplicate some data if it'll lead to simpler queries.
So, using a data index such as in the example above, each of your Photos should look like this:
{
id: /* some ID */,
location: /* Firebase Storage URL */,
favorited_by: {
/* some user ID */: true /* this value doesn't matter */,
/* another user ID */: true,
},
/* other properties... */
}
And your user should have a favorites property listing photo IDs. Now, since every photo has a user that "owns" it, we don't need to have a unique ID for every photo, we just need to ensure that no user has two photos with the same ID. This way, we can refer to the photo by a combination of its user ID and its photo ID.
Of course, remember Point 1: If you want to be able to get user info without getting a user's photos, you should have a different property on your root object for photos instead of associating photos with users. However, for this answer, I'll try to stick to your current model.
Based on what I said above, the favorites property of a user would hold an array of values of the format 'userId/photoId'. So, for instance, if a user favorites the photo with ID "3A" of the user with ID "CN7v0A2", their favorites array would hold the value 'CN7v0A2/3A'. This concludes our structure for favorites.
Now, let's look at what some operations you have mentioned would look like under this structure:
User favorites a photo:
We get the user ID of the photo's owner
We get the user ID of the user who is favoriting the photo
We get the ID of the photo
We add the user who is favoriting's ID to the photo's favorited_by array
We add photoOwnerID + "/" photoID to the favoriting user's favorites array
If the user unfavorites the photo later, we just do the opposite: We remove photoOwnerID + "/" + photoID from the user's favorites and we remove the favoriting user's ID from the photo's favorited_by property.
This kind of logic is sufficient to implement likes, favorites, and follows. Both the follower/liker/favoriter and the followee/likee/favoritee should hold references to the other party's ID, and you should encapsulate the "like/favorite/follow" and "unlike/favorite/unfollow" operations so that they keep that database state consistent every time (this way, you won't run into any issues such as the case you mentioned, where a user unfollows an user but the database still holds the "following" record).
Finally, here's some code of how you could do the "Favorite" and "Unfavorite" operations, assuming you have a User model class:
extension User {
func follow(_ otherUser: User) {
let ref = FIRDatabase.database().reference()
ref.child("users/\(otherUser.userId)/followers/")
.child(self.userId).setValue(true)
ref.child("user/\(self.userId)/following/")
.child(otherUser.userId).setValue(true)
}
func unfollow(_ otherUser: User) {
let ref = FIRDatabase.database().reference()
ref.child("users/\(otherUser.userId)/followers/")
.child(self.userId).remove()
ref.child("user/\(self.userId)/following/")
.child(otherUser.userId).remove()
}
}
Using this model, you can get all the follower user IDs for a user querying that user's followers property and using the .keys() method on the resulting snapshot, and conversely for users a given user follows.
Added content: We can build further on this structure in order to add simple logging of actions, which seems to be what you want to have available to the user in the "Feedback" tab. Let's assume we have a set of actions, such as liking, favoriting and following, which we want to show feedback for.
We'll follow point 1 once again: In order to structure feedback data, it is best to store this data in the same way we want to retrieve it. In this case, we will be most often showing a user their own feedback data. This means we should probably store feedback data by user ID. Additionally, following point 2, we should store feedback data as its own table, instead of adding it to the user records. So we should make a new table on our root object, where for each user ID, we store a list of feedback entries.
It should look something like this:
{
feedback: {
userId1: /* this would be an actual user ID */ {
autoId1: /* generated using Firebase childByAutoId */ {
type: 'follow',
from: /* follower ID */,
timestamp: /* Unix time */,
},
autoId2: {
type: 'favorite',
from: /* ID of the user who favorited the photo */
on: /* photo ID */
timestamp: /* Unix time */
},
/* ...other feedback items */
},
userId2: { /* ...feedback items for other user */ },
/* ...other user's entries */
},
/* other top-level tables */
}
In addition, we will need to change the favorites/likes/follows tables. Before, we were just storing true in order to signal that someone liked or favorited a photo or followed a user. But since the value we use is irrelevant, as we only check keys to find what the user has favorited or liked and who they have followed, we can start using the ID of the entry for the like/favorite/follow. So we would change our "follow" logic to this:
extension User {
func makeFollowFeedbackEntry() -> [String: Any] {
return [
"type": "follow",
"from": self.userId,
"timestamp": UInt64(Date().timeIntervalSince1970)
]
}
func follow(_ otherUser: User) {
let otherId = otherUser.userId
let ref = FIRDatabase.database().reference()
let feedbackRef = ref.child("feedback/\(otherId)").childByAutoId()
let feedbackEntry = makeFollowFeedbackEntry(for: otherId)
feedbackRef.setValue(feedbackEntry)
feedbackRef.setPriority(UInt64.max - feedbackEntry["timestamp"])
let feedbackKey = feedbackRef.key
ref.child("users/\(otherUser.userId)/followers/")
.child(self.userId).setValue(feedbackKey)
ref.child("user/\(self.userId)/following/")
.child(otherUser.userId).setValue(feedbackKey)
}
func unfollow(_ otherUser: User, completionHandler: () -> ()) {
let ref = FIRDatabase.database().reference()
let followerRef = ref.child("users/\(otherUser.userId)/followers/")
.child(self.userId)
let followingRef = ref.child("user/\(self.userId)/following/")
.child(otherUser.userId)
followerRef.observeSingleEvent(of: .value, with: { snapshot in
if let followFeedbackKey = snapshot.value! as? String {
// we have an associated follow entry, delete it
ref.child("feedback").child(otherUser.userId + "/" + followFeedbackKey).remove()
} // if the key wasn't a string, there is no follow entry
followerRef.remove()
followingRef.remove()
completionHandler()
})
}
}
This way, we can get a user's "feedback" just by reading the "feedback" table entry with that user's ID, and since we used setPriority, it will be sorted by the most recent entries first, meaning we can use Firebase's queryLimited(toFirst:) to get only the most recent feedback. When a user unfollows, we can easily delete the feedback entry which informed the user that they had been followed. You can also easily add extra fields to store whether the feedback entry has been read, etc.
And even if you were using the other model before (setting "followerId" to true), you can still use feedback entries for new entries, just check if the value as "followerId" is a string as I have done above :)
You can use this same logic, just with different fields in the entry, to handle favorites and likes. When you handle it in order to show data to the user, just check the string in the "type" field to know what kind of feedback to show. And finally, it should be easy to add extra fields to each feedback entry in order to store, for instance, whether the user has seen the feedback already or not.
You can sort of implement what you want by using Firebase Functions. Here's roughly how I would go about implementing it:
All a user's feedback will be stored in /Feedback/userID/, located at the root.
Within this node, have a subnode called eventStream.
Whenever an action occurs, this can be directly added to the user's eventStream, ordered by time.
This action could be of the form: pushID: { actionType:"liked", post:"somePostID", byUser:"someUserId" }
Also include an anti-action subnode (under /Feedback/userID/). Whenever one of these 'anti-action' events occurs (for example: unlike, unfollow etc.), store this under the anti-action node for the corresponding user. This node will essentially act as a buffer for our function to read from.
This anti-action could be of an almost identical form: pushID: { actionType:"unliked", post:"somePostID", byUser:"someUserId" }
Now for the function.
Whenever an anti-action is added to the anti-action node, a function removes this from the anti-action node, finds the corresponding action in the eventStream, and removes this. This can be achieved easily by first querying by "actionType" then "someUserId" and then by "somePostID".
This will ensure that the user's eventStream will always be up to date with the latest events.
Hope this helps! :)

How to store my data using at the end of my step in MVC?

I have a form using a Table of REQUEST Using IDRequest (int), TitleOfRequest
and other Table events which can have multiple events for the same request.
So the Table of events will include :
IDEVENTST,
IDRequest,
IDTypeofEvent,
DateStstrong textart,
DateEnd
Table of TYPEOfEvent : IdTypeOfEvent,TitleOfType
From my view to create a new record, the record will create at the final step, i want to make it in order
1 ) Enter a form with fields TitleOfRequest
And fields where the person can enter : DateStart and DateEnd, TypeOfEvent and a button to add, and load the temporary records in datatable.
My questions is : what is the best way to store this temporary data with MVC ? And refresh it in my view then at least to save in my database.
You could use [TempData] if you want to store data for the next request only.TempData allow us to persisting data for the duration of single subsequent request.
If data should be accessible between multiple requests, then use Session.
[Session] is able to store data much more long time, until user session is not expire.
Here is a good blogpost on this matter:
http://petermcintyre.com/2013/01/27/asp-net-mvc-data-persistence-choices/

CloudKit : How to handle account changes with local persistent store?

In my application i have to maintain a local persistent store in sync with cloud kit private database. So I just wanted to know how can I handle account changes that may happen.
Confusion I have is as below:
say a set of records belong to user A now if user B log's in to the same phone I can do the following of the 2 things:
Ignore user and let data sync to B account too but that way A's data will get sync to B's private account too. Here the record change tag and all get a bit mess up since am saving CKRecord encoded fields to database.
I can maintain a user table and link each record to the user that is logged in that way user data will get separated. So should I maintain a user field along with all records ?
How can this be best handled even apart from above 2 things.
Of course in your local persistence store you could add the userID to personalize all records. An other mechanism is to remove all local data and fetch the users data when a change is detected. If you want to keep the users data on the device you could also create separate data stores for each user.
You can detect a changed login by adding the following code in your app delegate or root view controller:
NSNotificationCenter.defaultCenter().addObserverForName(NSUbiquityIdentityDidChangeNotification, object: nil, queue: nil) { _ in
/// remove local data and fetch user data
}
You should also refresh all user related data in memory and refresh the loaded views.

updating many users at once in parse

I'd like to update user's column which presents related posts that the user might like,
my code is like that:
let users = query.findObjects() as [PFUser]
for user in users{
let rel = user.relationForKey("posts")
rel.addObject(post, forKey: "relatedPosts")
rel.saveInBackground()
}
I really don't know why, but I tried to do that in many versions (not only by relation, also by arrays and other methods) and it always updates just one user (the one who logged in)..
how can I get this done?
You can't update user that is not currently authenticated in your app.
The way I see it you have 2 options:
1) You can set some Cloud Code to run using the master key, so it can modify users.
2) You can add a new custom column to your Parse User class that will link to another class DB that has the related posts for the user.
take a look here: Parse.com Relations Guide
I would choose #2.

inserting data in many to many relationship in entity framework

I have two tables (users , messages) which there is many to many relationship for them.
i want to add new messages in message table and allocate massages to current users.
Also i insert data like below:
Message newMessage = Message.CreateMessage("MessageText", "DateTime");
newMessage.Users.Add(new User{..... });
context.SaveChange();
this code will execute a query which add a new user in users table while the users table has some specified users and i don't want to add new user but as i mentioned i want to add new messages in message table and allocate massages to current users.
how should i do that?
The problem is you are creating a new User object with an existing primary key. When SaveChanges() is called EF detects the changes of the entities its already tracking and new entities added. Since your new User object was not tracked by EF, it tries to insert it.
You need to explicitly tell EF that the created user is an existing one. To do that you need to attach it.
Message newMessage = Message.CreateMessage("MessageText", "DateTime");
var user = new User{ Id = "foo" };
context.Users.Attach(user);
newMessage.Users.Add(user);
context.SaveChange();

Resources