Is it possible to use Firebase as some sort of "middle end"? I have an app (front end) my users can use to share files with their friends. All the users data is saved in Firebase as a json. Right now the files that users share with each other are saved on Firebase Storage but as the size of data being saved and transferred grows, so do the server costs. I was therefore wondering if I can use Firebase just the way I am with the only exception that the files are being stored on another server (not Google/Firebase)? If that is possible, how could I do so, I have not found any kind of instruction online.
Related
My goal is to have a firebase cloud function track the upload of three separate files to the same storage bucket. These uploads are preceded by a write to the real time database which would preferably be the trigger for the cloud function to track the uploads.
The context is a user is adding an item to her shopping cart. The data is written to the RTDB and then a custom 3d model and 2 images are copied into a storage bucket. If any of these files don't successfully upload, I need to know that and conduct a rollback of the 3 files in the storage bucket and also remove the entry in the database. I could handle this client side, but that isn't ideal since usually if the uploads fail, its because the connection with the client has failed.
I haven't been able to find any sort of batch add or transaction-type uploads to firebase storage. Sorry for not having any code to show, but I'm not even really sure how to get started on this. Any suggestions would be much appreciated. Thanks!
There are no transactions that cross products like this. Nor are there any transactions offered by Cloud Storage. You're going to have to check errors and manually undo things previously done. Or, have some job that checks for orphaned data and deletes it later.
I want a group of users to access files stored in Cloud Storage, but I want to make sure they are authorized. Do the unique ids generated by Firestore create enough protection to make them unguessable?
I have my files stored using this structure in Firestore:
/projects/uidOfProject/files/uidOfFile
I made sure that only authorized users can view uidOfProject and uidOfFile using Firestore Rules.
I store that actual files in Storage here:
/projects/uidOfProject/files/uidOfFile
But, I cannot lock down this path to only the authenticated user id, because other users can access this project.
Is the fact that I have two unique ids enough to prevent a user who doesn't have access from finding these files? What are the odds of a user figuring out both the uidOfProject and uidOfFile and manipulating that file? Is there a more secure way of doing this? I know cloud functions could offer a solution, but at a cost of speed.
Do the unique ids generated by Firestore create enough protection to
make them unguessable?
Security through obscurity is NOT security. Good reference to read.
Unguessable, probably. However, due to the somewhat public nature of URLs, logfiles, information leaks, "hey check this out" favors, etc. objects that are not properly protected will be discovered.
If only users of the project can access the files, can they also list the files? If yes, curiosity might take place browsing to see what is there.
We've prepared an app based on firebase storage and we plan to run it with few events. They're will be like 70 000 people. We assume there will be not many different files to download - for example a few video files, some more photos and sounds.
Assuming firebase storage could download 200-300MB each person we want to optimize the network traffic in specific location (one building).
Is there any possibility to create/run local storage cache not to skyrocket firebase storage bandwith, but only do this in local area (for people connected to some ours network)? Download it once to some local server and redirect all requests to it?
I'm looking for any kind of a solution.
What you're asking for doesn't exactly exist within Firebase Storage.
However, you could work around your limitations by using a link to your content (e.g. on YouTube) and embedding it.
Alternatively, you could download content from your own server (or one hosted using Firebase Hosting) after you've pulled a list of metadata (links, names etc) from Firebase Storage. Using a CDN / caching service like Cloudflare would also mean that the impact on your server (or Firebase Hosting) is actually relatively low, as are costs.
I need to get a user profile document, which then needs to access two other documents in separate collections, before it returns. At the moment I have implemented this client side but it takes a while. Should I/Can I run this using Cloud Functions, so that I just call one GET and retrieve everything in one go, rather than calling separate get functions sequentially from within my app?
The database retrieval from separate collections would take a similar amount of time whether it's done from the client or Cloud Function.
Collection queries should be very fast on your indexed fields, so probably your problem is the way you are handling asynchronicity. Are you waiting for the result from the first collection before starting the second query? You could dispatch both queries at the same time to cut your waiting time.
You can store all your documents in Firebase Storage and then concatenate the references from the files and download all the documents at the same time, plus you can access them quicker because you can store them into your SD card or internal storage.
Then, if the documents need to be rewritten there is not problem because if you download again from the storage it will auto replace them and the user will still have access to the documents. I tell you this because I'm doing something similar and it's working great!
Edit: As Sujil says, first make an authentication between the user and the database structure with Firebase, so only people logged in or authenticated in your app can read/write files.
I'm trying to determine if I can use Realm DB for an app I am building and I am stuck on access control.
In the Realm DB documentation it looks like the only way to do access control is through Realms themselves, by either granting or revoking access to an entire realm. The documentation also says to try and keep the number of concurrently open and syncing realms to about 12. I am trying to build an app with a social feed where users can "follow" each other, and you could potentially follow hundreds of different users. You see very little data, just their activity, so there is not much actual data going back and forth, but you should only have access to view that data if the other user lets you follow them. I am thinking of it being like each user having a "private" realm and a "shareable" realm that they can grant other people access to. Is there any way to do this with Realm DB that doesn't involve syncing hundreds of different realms?
At the moment, there is no other way than syncing hundreds of Realms.
There will be another way in the future where you can use partial
synchronization.
https://realm.io/docs/java/latest/#partial-synchronization