firebase.com security API only users that paid for subscription
So lets say a user is logged in, but didn't pay for subscription to get data. So how to protect the data, so only users that paid subscription can see contents of some specific tables?
So let's say a user is logged in, but he didn't paid subscription to see content of tables:
protectedtable
so he cant access that
After he made purchase with paypal, then he can see that protectedtable
So every user that pay can access that table.
Are there any tutorials or how this can be done with firebase.com?
Related
I've set up a firebase project not to long ago and linked it with a Google Cloud organization. I'm now trying to get the receipts for the monthly charges and I can't figure the hell out where to find them.
The Firebase Console lets me know that I'm not an "Billing Admin" for the associated project... but I also can't figure out who is
As per the image's suggestion, I went into the GCP console to find the billing account.
There seems to be one called "Firebase Payment" (after all I'm paying) but whenever I try to access/modify the account I'm presented with a message saying that I have no access. I tried with all users in my organization and not a single one has access.
Has anyone ever run into this problem before?
It seems that when you create a Firebase project (with Blaze plan) and link it to an GCP org later you'll get the Firebase Payment billing account which can't be modified. To solve that problem for good, do the following
Open the GCP dashboard and create a new billing account
Once thats done, search for Billing Accounts and switch to the My Projects tab
Click Change billing and assign the newly creataed Billing Account
Errors regarding "permissions" have to do with the role we have assigned in that particular project. If you have a role assigned in a particular protect, the access does not migrate to another project. Each project has its own set of rules and they are controlled by the owner of the project. Here is a list of the billing roles and what each role does:
Billing account Administrator - The Billing Account Administrator role grants the IT department the permissions to associate projects with billing accounts, turn off billing for the projects, and view the credit card information for the accounts that they resell to their customers.
It does not give them permissions to view the contents of the projects.
Billing Account User - The Billing Account User role gives the service account the permissions to enable billing (associate projects with the organization's billing account for all projects in the organization) and thereby permit the service account to enable APIs that require billing to be enabled.
Billing Account Viewer - The Billing Account Viewer role allows the developers to view the expenses for a billing account.
Here is a google document that provides a more detailed explanation about the different roles for billing.
The owner of the project needs to provide you with the correct role in IAM in order for you to have access to the information you are requesting.
You can also access a billing report using the following, but make sure you have the access billing.accounts.getSpendingInformationif you want such feature
I am creating a website for a customer using firebase.
I want the customer to enter his / her credit card details and manage payments associated with that project.
How do I give access to the customer?
There is a project billing manager profile that associates billing to a project. But that seems to be different than my current use case.
Is my use case even possible? Or should I ask the customer to create a new gcp account altogether and give me permission to deploy the project in it?
What is the recommended way of setting up billing in a safe manner
If the customer going to manage the payments, in this case the recommended way is,
Creating a new GCP account for the customer, if the customer don't have an account.
Create a Google payments profile, if the customer don't have any.
Create a new billing account and choose the respective payment profile or you get a provision to create a payment profile while creating the billing account, which by
default comes with Billing Account Administrator role.
Finally, link the project to the billing account.
As the billing administrator(customer), he can add other members to the billing resource with roles such as Billing Account User, Billing account viewer, etc .. depends on the requirement.
For example, the member who got assigned as Billing Account User, can link the projects to the billing account managed by the customer, but won't able to update the billing account.
By doing above, the billing part will be restricted from others.
Additional Info:
Even the customer owns the billing account, it doesn't mean he can access all the projects linked to his billing account. He can access only the projects that he created and got the respective project access.
In other end, the user won't be able to update the billing account of the customer and also the user won't be able to see other projects attached to the customer billing account, apart from the projects he manages.
In a flutter app using firebase back end, how can the premium features of the app be restricted?
For example if the user haven't paid for subscription then only allow 10 chats per month, or something like this.
You have to add in-app purchases to your Flutter app, follow this codelabs to implement it..
There are three main types of in-app purchases:
Consumables: Can be purchased multiple times.
Non-consumables: Can be purchased once but never again.
Subscriptions: Gives users access to purchase for a limited amount of time.
Use custom claims and enforce it with security rules.
Once a user has paid, or unlocks premium features in whatever way you see fit, then that user can get a custom claim associated with the users account in firebase. This can be checked for in frontend as well in backend.
More details and great examples at:
https://firebase.google.com/docs/auth/admin/custom-claims
I'm trying to set up user accounts for my website which are paid only. I don't want a user to have an option to create an account without having already paid. How would I go about this?
Example:
google pay button with a click subscribe simultaneously adding them on a subscription and creating their account (not sure how I would do this integration)
Paypal subscribe button which then takes them to a page where they can sign up after they pay (not sure how I would get their paypal subscription information though on that response if they don't choose to sign up)
I did find paypal subscriptions that generate usernames and passwords (https://developer.paypal.com/docs/paypal-payments-standard/integration-guide/user-names-passwords/), however I dont know how I would correlate this with my firebase users.
I'd prefer a solution where after they subscribe they are automatically added to google firebase with an email and password (or temp password) and their paypal ID.
Use firebase functions and require they initiate a subscription with paypal buttons and onApprove of the paypal buttons, send an API call to your google function to add them to the database and send the sign up email.
Our app involves users to sign up using LinkedIn and add company pages to measure engagements.Till now any user can add any company page even if he is not a admin of it.
After the new LinkedIn Developer updates, will company updates be available to users who are not admin of the company page?
If not, what will be solution to access the updates and measure the engagement on the updates?
Which partner program should we subscribe to get LinkedIn company updates?
I've chatted with a few people from LinkedIn and the answer is no. You will not be able to access the company resource without the particular auth'd LinkedIn Account having admin access that company page.
I unfortunately do not have an easy answer for you regarding the partner program, there are many.