I see that there is no way to set security rules as preventing "delete and update" for a child.
".write": "!data.exists() && newData.exists() && !newData.exists()"
thats not make sense.
For future reference, the Firebase console lets you test database security rules, so you can find out what works right there before you publish those rules. That being said, if I'm understanding your question correctly, you want to allow users to add to the node, but not delete or update. You'd be looking for something along the lines of:
{
"rules": {
...
"childNodeName": {
".write": "!data.exists()"
}
}
}
You shouldn't need those other two conditions. Not to mention, they will never resolve to true since those conditions cannot be met.
You can also use a wildcard if you need to add multiple children to a path but you don't want the user to modify those children once they've been added:
{
"rules": {
...
"childNodeName": {
"$pushId": {
".write": "!data.exists()"
}
}
}
}
Related
I have the following shouldUpdate call
shouldUpdate(changedProperties: PropertyValues): boolean {
if (changedProperties.has("mobile") &&
!this._isOpeningDialog &&
this._testStore.isShareSheetOpen) {
this._testStore.closeShareSheet();
}
return this._isOpeningDialog;
}
I need to check if the mobile property has changed and if so update the element. However, this seems like an anti-pattern. Does anyone have a better way to do this?
this._testStore.closeShareSheet() causes the element to re-render and shouldUpdate to be called.
I'd like to get an overview, for example of all the critical vulnerabilities I have access to view in a GitHub organization.
This answer has allowed me to get a list for a specific repository:
{
repository(name: "repo-name", owner: "repo-owner") {
vulnerabilityAlerts(first: 100) {
nodes {
createdAt
dismissedAt
securityVulnerability {
package {
name
}
advisory {
description
}
}
}
}
}
}
However scanning a large organization manually is just as easy repo-by-repo through the GUI as it is through the API.
Is there a way, preferably in Insomnia, though if not then a CLI version is ok, to get such a list of critical vulnerabilities?
I suspect it can only be done by querying every repo by iterating through the list of all repositories, something like this query I had from something else I was playing with, though was curious if anyone had any other clever solutions to save writing that app:
query{
organization(login: "repo-owner"){
repositories(first: 100){
nodes{
name
}
pageInfo{
hasNextPage
}
}
}
}
I'm unaware of a way to filter for critical vulnerabilities using the GitHub graphql, but you can do something like this:
{
organization(login: "repo-owner") {
repositories(first: 100) {
nodes {
nameWithOwner
vulnerabilityAlerts(first: 10) {
nodes {
securityAdvisory {
severity
}
}
}
}
}
}
}
This will output the severity for every single repository in the repo-owner organization regardless if there is a severity for the repository. I believe with the gh cli tool, you can use Go templates to format the output. For more information on how to use the gh cli tool with Go templating, please refer to the following page.
I can't seem to find an answer from the documentation http://origen-sdk.org/origen/guides/program/flowapi/
From SmartTest 7.1.3 and later of Advantest, we have the option to set “Group Bypass” property of the Group node testflow component.
{
run_and_branch(TestA)
then
{
}
else
{
if #Alarm then
{
binout;
}
else
{
}
}
run_and_branch(TestB)
then
{
}
else
{
if #Alarm then
{
binout;
}
else
{
}
}
}, groupbypass, open,"DataCollectionTests", ""
I tried using if_flag:, continue: and if_enable properties in my group definition but I’m getting an
if #GROUPBYPASS == 1 then
{
.
.
.
}, open,"DataCollectionTests", ""
in the flow instead.
What is the correct way of hooking up into this property?
This property is not currently supported, if you want it added please open a ticket describing it here: https://github.com/Origen-SDK/origen_testers/issues
In the meantime, you could generate it by using the render method which allows you to explicitly define code to be injected into the flow.
For example:
render '{'
# Your existing code to be wrapped in the group here, e.g.
test :testA
render '}, groupbypass, open,"DataCollectionTests", ""'
You could create your own helper method for that within your interface:
def group_bypass(name)
render '{'
yield
render "}, groupbypass, open,\"#{name}\", \"\""
end
Then in your flow:
group_bypass "DataCollectionTests" do
# Your existing code to be wrapped in the group here, e.g.
test :testA
end
Some optimizations/algorithms make code considerably less readable, so it's useful to keep the ability to disable the complex-and-unwieldily functionality within a file/module so any errors introduced when modifying this code can be quickly tested against the simple code.
Currently using const USE_SOME_FEATURE: bool = true; seems a reasonable way, but makes the code read a little strangely, since USE_SOME_FEATURE is being used like an ifdef in C.
For instance, clippy wants you to write:
if foo {
{ ..other code.. }
} else {
// final case
if USE_SOME_FEATURE {
{ ..fancy_code.. }
} else {
{ ..simple_code.. }
}
}
As:
if foo {
{ ..other code.. }
} else if USE_SOME_FEATURE {
// final case
{ ..fancy_code.. }
} else {
// final case
{ ..simple_code.. }
}
Which IMHO hurts readability, and can be ignored - but is caused by using a boolean where a feature might make more sense.
Is there a way to expose a feature within a file without having it listed in the crate?(since this is only for internal debugging and testing changes to code).
You can use a build script to create new cfg conditions. Use println!("cargo:rustc-cfg=whatever") in the build script, and then you can use #[cfg(whatever)] on your functions and statements.
I'm building a simple data structure and I'm hoping the Firebase security rules can accommodate it.
Right now I'm getting PERMISSION_DENIED for read privileges.
I know you're usually supposed to design your data structure around the security rules but there are very specific reasons for this data structure
So I'd like to try and make the security rules work around it.
Here's the json export of my data:
{
"form" : {
"form" : {
"data" : "Form",
"owner" : "116296988270749049875",
"public" : true
}
},
"users" : {
"116296988270749049875" : {
"data" : "Daniel Murawsky"
}
}
}
And here's what I've got for the security rules so far:
{
"rules": {
"$form":{
"$dataId":{
".read": "data.child('public').val() == true",
".write": "data.child('owner').val() == auth.uid"
}
}
}
}
I've never seen a use case for having two $location variables, one after another, so I can imagine that being the problem. Any input is welcome.
Thanks!
UPDATE
Thanks to Frank's recomendation to use the security simulator (https://.firebaseio.com/?page=Simulator), I quickly figured out the problem with a little bit of play. Thanks Frank!
I didn't understand (even though I read it a dozen times) the concept that Rules Cascade. Once I got it, it was easy.