ios - Firebase, Swift - runTransactionBlock: Permission denied -

-

i have encountered problem while trying users star runtransaction "permission denied" firebase. added below firebase security rules posts , swift transaction code.

what fault in case? if did first ".write" rule "auth != null" works everyone. don't want this. want prevent other nodes, starcounter , stars need changeable.

if shed light , explain, great.

"posts": {       ".read": "auth !== null",       "$id": {         ".write": "auth != null  && (                    (!data.exists() && newdata.child('ownerid').val() == auth.uid) ||                    (!newdata.exists() && data.child('ownerid').val() == auth.uid) ||                          root.child('admins').haschild(auth.uid))",         "starcounter": {             ".write": "auth !== null"         },         "stars": {             ".write": "auth !== null"         },       }     },

and here swift transaction code below..

dataservice.ds.ref_posts.child("\(self.post.postkey!)").runtransactionblock({ (currentdata: firmutabledata) -> firtransactionresult in        if var post = currentdata.value as? [string: anyobject], let uid = firauth.auth()?.currentuser?.uid {            var stars : dictionary<string, bool>           stars = post["stars"] as? [string : bool] ?? [:]           var starcount = post["starcounter"] as? int ?? 0            if let _ = stars[uid] {                // unstar post , remove self stars               starcount -= 1               stars.removevalueforkey(uid)               self.starbtn.setbackgroundimage(uiimage(named: "star-full"), forstate: .normal)               self.starbtn.settitle("unstar", forstate: .normal)            }           else {                // star post , add self stars               starcount += 1               stars[uid] = true               self.starbtn.setbackgroundimage(self.starimageview!.image!, forstate: .normal)               self.starbtn.settitle("star", forstate: .normal)           }            post["starcounter"] = starcount           post["stars"] = stars            currentdata.value = post            dataservice.ds.ref_posts.child("\(self.post.postkey!)").child("starcounter").observesingleeventoftype(.value, withblock: { snapshot in                if let starcount = snapshot.value as? int {                   self.starcountlbl.text = "\(starcount)"               }            })            return firtransactionresult.successwithvalue(currentdata)        }        return firtransactionresult.successwithvalue(currentdata)   })

update:

i have posts node below. want handle “starcounter” , “stars” reachable (write , read) everyone. others write owner. i’m using runtransaction using same in save data transactions. i’m getting permission denied while trying star post users (auth.uid) not owner. couldn’t both increase star counter transaction , adding in stars node.

posts   post_id_0     post_title     post_description     post_ownerid     ...     starcounter     stars      person_1: true      person_2: true      ...   post_id_1   ..

i have tried before security rules first advice (it’s answer ~10m. before), didn't help, couldn’t add new post. don’t know i’m missing in security rules in same parent node.

reduced code below above security rules..

post_ref.child("\(self.post.postkey!)").runtransactionblock({ (currentdata: firmutabledata) -> firtransactionresult in     if var post = currentdata.value as? [string: anyobject], let uid = firauth.auth()?.currentuser?.uid {         var stars : dictionary<string, bool>         stars = post["stars"] as? [string : bool] ?? [:]         var starcount = post["starcounter"] as? int ?? 0         if let _ = stars[uid] {             starcount -= 1             stars.removevalueforkey(uid)         }         else {             starcount += 1             stars[uid] = true         }         post["starcounter"] = starcount         post["stars"] = stars         currentdata.value = post         return firtransactionresult.successwithvalue(currentdata)     }     return firtransactionresult.successwithvalue(currentdata) })


Comments

Post a Comment

Popular posts from this blog

sequelize.js - Sequelize group by with association includes id -

-
so when requesting group sequelize follows: return models.workingcalendar .findall({ attributes: [ 'workingcalendar.periodid', 'workingcalendar.date', 'period.name' ], include: [ { model: models.period, attributes: [] } ], where: { getsudoid: currentgetsudo.id, unitplantid: unitplantid }, group: ['workingcalendar.periodid', 'workingcalendar.date', 'period.name'], }); sequelize run query: select [workingcalendar].[id], [workingcalendar].[periodid], [workingcalendar].[date], [period].[name] [workingcalendars] [workingcalendar] left outer join [periods] [period] on [wor...
Read more

java - Android raising EPERM (Operation not permitted) when attempting to send UDP packet after network connection -

-
when responding supplicant_state_changed_action broadcast , attempting send udp packet, exception: java.net.socketexception: sendto failed: eperm (operation not permitted) @ libcore.io.iobridge.maybethrowaftersendto(iobridge.java:542) @ libcore.io.iobridge.sendto(iobridge.java:511) @ java.net.plaindatagramsocketimpl.send(plaindatagramsocketimpl.java:184) @ java.net.datagramsocket.send(datagramsocket.java:305) @ com.mycompany.app.serviceclass.discover(serviceclass.java:355)at com.mycompany.app.serviceclass.access$600(serviceclass.java:39) @ com.mycompany.app.serviceclass$statemachine.run(serviceclass.java:242) @ java.lang.thread.run(thread.java:818) caused by: android.system.errnoexception: sendto failed: eperm (operation not permitted) @ libcore.io.posix.sendtobytes(native method) @ libcore.io.posix.sendto(posix.java:211) @ libcore.io.blockguardos.sendto(blockguardos.java:278) @ libcore.io.iobridge.sendto(iobridge.java:509) @ java.net.plaindat...
Read more

c++ - Migration from QScriptEngine to QJSEngine -

-
i'm migrating qscriptengine code on qjsengine. now, have: class pars { public: static qscriptvalue printmainlog(qscriptcontext* c, qscriptengine* e); }; qscriptvalue pars::printmainlog(qscriptcontext* c, qscriptengine* e) { //some actions return e->globalobject().property(""); } ... qscriptengine engine; ... engine.globalobject().setproperty("printlog",engine.newfunction(pars::printmainlog)); so, user can put printlog("what ever"); in application in , example, qlineedit , function pars::printmainlog evalute. is there way qjsengine? so, user put same printlog("what ever");? way find here , user should put logger.printlog("what ever"); logger class inherited qobject printlog slot.
Read more