In the FireBase Console for my Android app, is it possible to give a user a role that enables him/her to send notifications to the devices, and nothing more?
I tried the current "project roles", and none seem to suffice, they give the user too many functions.
If I set the most basic role "Project -> Viewer" the user cannot edit anything, but can still delete the app.
There is currently no way to give collaborators access to only a subset of the feature in the Firebase Console.
Now you can. Firebase made it possible for you to add a user with a specific role. This option is currently in beta but it works. I tested it just now. Firebase roles are divided by categories and you can assign user as an admin or viewer for a specific category. For a more detailed explanation just check the attachment.
Related
I have a Firebase project with accompanying webapp (website).
I am looking to create a commmunity on the site, with user accounts, logins and ability to post comments on the site.
I am the Firebase project owner and have some developers (viewer & editor roles) who maintain the site for me.
My concern is that if I create user accounts, my developers may get access to these user emails which compromises GDPR.
Is there a way in the Firebase database of a project, to hide user emails & password data from said developers or even myself?
Appreciate your advice
After doing some research and even hiring someone on fiverr to walk me through this I finally figured out what do do.
First as mentioned by Frank above I need to create a custom IAM role on Google cloud platform. The youtube tutorial below walks through how to do this
https://www.youtube.com/watch?v=6GTGSMW_-XQ
Second make sure that the permissions that you assign for them do NOT include any of the below.
Firebase Authentication permissions:
(firebaseauth.configs.create, firebaseauth.configs.get, firebaseauth.configs.getHashConfig, firebaseauth.configs.getSecret
firebaseauth.users.delete, firebaseauth.users.get, Firebaseauth.users.sendEmail, firebaseauth.users.update)
That's it pretty much
I have implemented Firebase Auth into my app to let my users connect with their Google accounts. So far so good, however once a user has chosen to connect with a specific account from the google account chooser popup, he won't be able to choose a different account the next time he logs in. The previously selected account will be automatically picked for the authentication.
I really don't find this behavior correct, so I am trying to fix it.
After some research I found that I can use setCustomParameters(prompt: "select_account") with the googleProvider, like so:
this.googleProvider = new firebase.auth.GoogleAuthProvider();
this.googleProvider.setCustomParameters({
prompt: "select_account",
});
More info here: https://developers.google.com/identity/protocols/oauth2/openid-connect#authenticationuriparameters
In my case, using the consent and select_account parameters don't seem to have any impact, the user does not get to choose which account to use.
Edit: It would seem that it works correctly with chrome, but not with firefox...
I have found the source of the issue, it is in fact not really an issue. The google account picker will only show up if you have other accounts registered onto the device/browser you are currently using. If you want to choose a different account that is not saved into your device/browser, you would first need to log into it via google.
I created an App with the GSuite administrator account. But now when I go back I am my work user(rob) and have no access to the App I created.
If I then go to Google and switch accounts there is no issue for all other Google apps(drive, gmail etc) but Appmaker still shows me as rob.
How can I convince App Maker to work like all other Google apps and let me select the logged in user?
Most likely it happens because at this time App Maker doesn't provide users with account chooser widget like most other Google products. Here are some things to try to bypass this limitation:
use different chrome instances for better accounts separation (https://support.google.com/chrome/answer/2364824) - I would highly recommend this approach. I have about 10 different accounts and this feature saves me tons of time and gives peace of mind
use incognito window
log out from other accounts (in theory, when you open AM it will ask you to choose an account and re-login)
I understand how to link two Firebase accounts manually, by allowing a logged in user to select to link another account, and then using the `linkWithCredential' method.
However, is there a way to use Firebase's FirebaseAuthUserCollisionException to trigger a prompt to the user to link the auth method that they are trying to loggin in with, with that of the existing account?
After the research that I've done, I'm assuming not. However, any suggestions relating to this or similar approaches would be appreciated.
On the latest version of Firebase (Announced during Google I/O 2016), how do I add other people to my project or app whom I want to collaborate with? I came across IAM roles through Settings > Permissions. Is this the right way? If I add person there and assign a role, say Editor, will he/she be notified about it through email? Will a request be sent or will they be added directly to that role?
To give people access to your Firebase project, take these steps:
Select your project in the new Firebase Console
In the top left, next to the project name, click the settings/cog wheel icon
Click Users and Permissions
Click Add member
Enter the email address of the user to add and select the appropriate role as per your requirement
Click the second Add member button
The newly added users will get an email with the subject [Firebase] Invitation to join project and an option to Accept Invite in the body. Be certain to let them know that you added them so that they can accept the invite.
UPDATE 6/18/2018 - changes to Cloud Console and Google's functionality, the original solution may no longer work as shared in comments. For a recent project, I was able to add other users and permissions via Firebase console as indicated below.
Old Solution
Originally you had to choose Editor but you do not have to any more. There are new roles added to Google Cloud IAM in the other section, namely the Firebase Rules System role.
If you add a user to a Google Cloud project using IAM and assign them this role, they can access Firebase project by visiting:
https://console.firebase.google.com
The authorized project(s) should appear and they can access, without access to the rest of the Google Cloud project.
In latest version of the console adding is in a bit different.
Go To Your Project -> Project Overview -> Users and Permissions . This will open up new Pop Up.
Now click on the +Add to add the Members.
Now Add Email Id of the member. Now below that choose from the dropdown Project -> Collaborator as shown below and Save. Thats all! You are done.
If you're adding a Project owner, an invite will be sent to the new user. However, no email invites are sent for the Project Editor/Viewer roles.
From Users and Permissions tab, now, at I/O 2019, it was announced a new option to give permissions.
You can now assign to a specific collaborator, access to Analytics, Develop, Quality and Grow, each one with Admin privileges or View privileges.