I've just simply copy and pasted over a firebase rule from this documentation to implement token revocations. However, the RTDB rule engine does not allow this expression to be published, notice the screenshot below..
I have literally copied this rule from the documentation found here: https://firebase.google.com/docs/auth/admin/manage-sessions#revoke_refresh_tokens
The error is shown in the picture below:
what am I doing wrong here?
Yeah, that looks like it's not going to work. Luckily you can get the same result with a bit more code:
".read": "$user_id === auth.uid
&& (!root.child('metadata').child(auth.uid).child('revokeTime').exists()
|| auth.token.auth_time > root.child('metadata').child(auth.uid).child('revokeTime').val())
So instead of using the || 0 trick to handle the case where there's no revokeTime, this now have an explicit condition for that case.
I also filed a bug to get this fixed in our documentation.
Related
I wrote a simple rule,
rules_version = '2';
service firebase.storage {
match /b/{bucket}/o {
match /image/{fileName} {
allow read: if resource != null;
allow write: if false;
}
}
}
Then I added a file in /image folder in the default bucket. Using the Rules playground simulator tries a read request to the file and it failed. It is saying the resource is actually a null.
Any ideas why? From their documentation it seems like it should not do this or am I missing something? Any help will be highly appreciated.
(Update) Following was what I originally tried doing,
--- (Update in response to Franks post)
Hi Frank, I tried exactly what you suggested, still no luck :(. Attaching the screenshot here.
(Update) Frank's suggestion is correct, the file name mismatch was the issue as you originally suggested. The actual file name is scribble.jpg and I typed scibble.jpg in the simulator. After correcting, it was working as expected.
While I thought I could reproduce the problem, after carefully copy/pasting the paths of some existing files, I can now no longer reproduce this in any project/test.
No idea what's going on for you, but I recommend copy/pasting the file names/paths as I did. Especially check for training spaces with in the file name, and in the Location value you enter in the playground, as they are incredibly easy to overlook and will cause the rules to fail.
I am using several Symfony expressions in my TypoScript checking for query parameters such as this:
[request.getQueryParams()['tx_news_pi1']['news'] > 0]
do something
[END]
This is working well – as long as the query parameter exists. If it doesn’t, the following error message is written into the log file:
Unable to get an item on a non-array.
In PHP I would use isset() to check whether the query parameter exists – but I could not find a similar way for Symfony expressions in TypoScript. I have tried
[request.getQueryParams()['tx_news_pi1']['news']]
which works the same, meaning: it does what it’s supposed to do, but logs an error message if the query parameter does not exist.
Is there anything like isset() for the Symfony Expression Language in TYPO3?
The is_defined() or isset() I was looking for will be returned by the condition
[request.getQueryParams()['tx_news_pi1']]
instead of
[request.getQueryParams()['tx_news_pi1']['news']]
In my use case this would even be enough. If you need to be more precise (e.g. to differentiate between different query parameters within the same plugin), go for
[request.getQueryParams()['tx_news_pi1'] && request.getQueryParams()['tx_news_pi1']['news'] > 0]
The solution was provided as a reply to a bug report on forge.typo3.org
Try this:
[request.getQueryParams()['tx_news_pi1']['news'] = ]
do something
[END]
I would like to be able to have my database only accessible from 3 Google domains. I can access it from one domain but when I try to add more it fails.
The rules I have tried so far:
{
"rules": {
".read": "auth.token.email.endswith('mycompany#gmail.com')"
}
}
I have tried to add an or statement into it but with the second domain I don't get authorised.
Try playing with this syntax instead:
"auth.token.email.matches(/.*#gmail.com$/)"
You can put logical operators inside as well - &&, ||.
More here and obviously here.
Given the following Meteor code helper from the websites "Try Meteor" tutorial:
// Add to Template.body.helpers
incompleteCount: function () {
return Tasks.find({checked: {$ne: true}}).count();
}
I get pretty much everything about this code except for this arbitrary looking $ne thing. I've seen this before with Meteor examples and I don't get it: What does $ne represent? Where did $ne come from?
$ne means not equal to.
It is preferable to use this instead of {checked: false} since it also includes the ones where the checked attribute isn't in the document {} and the case where {checked: null} as both of these are cases where checked isn't equal to true & are also not false.
This way if you have a fresh document without any attributes it would also be a result of the query.
I'm learning Meteor. So far, I've been able to initialize properties on User.profile with the following:
Meteor.users.update(Meteor.userId(),{$set:cardObject});
I'd like to update those properties but when I use the same technique I get this:
errorClass {error: 403, reason: "Access denied", details: undefined, message: "Access denied [403]", errorType: "Meteor.Error"…}
It will let me $unset the properties though:
Meteor.users.update(Meteor.userId(),{$unset: cardObject});
This is strange to me. I can delete properties but not modify them.
Any ideas?
I don't have the full codebase, so I'm guessing, but based on your code snippet, it might be because cardObject doesn't complete the $set commmand properly. a typical $set command looks like this:
...{"$set" : {"key": "value"}}...
so, it may depend on what is in your cardObject.
Whereas your $unset will work just fine because you only need the key to perform an unset.