Google smart home action : where to trigger a requestSync? - google-smart-home

I created a smart home action and I have to implement the requestSync feature for certification.
But I don't understand from where to call it : from my backend fulfillment ? or from elsewhere ?.
In the documentation, I saw :
You must trigger a SYNC request:
- If the user adds a new device.
- If the user removes an existing device.
- If the user renames an existing device.
- If you implement a new device type, trait, or add a new device feature.
But all these user interactions are from the Google side (in the Google Home app), so I don't understand why Google doesn't trigger the sync itself, and how could my backend know that the user changed something ?
Can someone help me with this feature ?
Thank you !

But I don't understand from where to call it : from my backend fulfillment ? or from elsewhere ?
It definitely should come from backend.
But all these user interactions are from the Google side (in the Google Home app), so I don't understand why Google doesn't trigger the sync itself, and how could my backend know that the user changed something ?
This isn't a case to use the "requestSync". And your backend doesn't need to know about it if your users operate their devices from Google Home app
Here I will explain some example use case for you.
Imagine that you have your own application for controlling your devices. Then you develop the smarthome action project to make your device be able to controlled over voice. When your devices are linked with HomeGraph and you change your device's name, add or remove it from your own application. This is the time that your backend system should make "requestSync".
Even if your system doesn't allow user to make such of those changes on the device unless using Google Home app, google requires your system to be able to send them the "requestSync" for the case that when you "Implement a new device type, trait, or add a new device feature". This is the way that allows you(as developer) to update your users' devices without them(your users) unlinking and relinking their account.
And if you are not clear about "Implement a new device type, trait, or add a new device feature". Just thinking of case that you want to add more traits for your devices and you want to make update on all devices that has been linked before to be able to use a functionality from your new trait. You will need "rquestSync"
Hope this help. Goodluck :)

Related

Handling whether or not the user has already seen a popup, ReactJS

I am a bit dumbfounded on how to achieve this properly. So you have an app that is getting regularly updated, and you show those new updates to the user (something like discord update popup and whats new and such). How do you handle whether or not the user has seen it? A more high level question that "local storage", I am well aware of that or storing it in a DB, but this doesn't seem 1) Scalable, 2) Easy to work with in the long run. Are there any JS libraries that can simplify the process, eg or do I have to manually track each update? If there are more updates or the user hasn't logged in a while
I hope I conveyed what I am working on properly. Would love to hear how it's usually done.
Q: have an app that is getting regularly updated, and you show those new updates to the user
A: Service Worker can help you .That support reacting to push message .And they provide the Push API gives web applications the ability to receive messages pushed to them from a server, whether or not the web app is in the foreground, or even currently loaded, on a user agent.
More detail about start up a service worker to send users a message . https://developer.mozilla.org/en-US/docs/Web/API/Push_API .
Finally I suggest you try Workbox , that is a library that bakes in a set of best practices when working with service workers.

How send notification into ms teams user from custom tab

I'm designing a custom team tab using React that calls third party API, I need after executing the API successfully, user gets notified . What is the best way to achieve this? I used Bot in my project, but not sure how can I call it from my custom tab class. I'm aware of the existence of proactive messaging, is it the only way to do it? If it is, a pointer on how to implement it to a custom tab would be appreciated.
If you're wanting to message the user 1-1 (like in the personal app), then proactive messaging is definitely what you need (inside a Team, there are other options), and considering you have the bot already in place that's perfect. The only thing you might be missing are the details required to send the actual proactive message (the best time to get them is when the bot is first installed by the user). In particular, you need ConversationId and ServiceUrl.
With regards the concept of Proactive Messaging, basically once the bot is installed, and you have the required values, you can -send- the message from any backend code at all. That can include, for example, custom tab's backend api. You need to identify the user, which you can do using the Teams Context (it's not the safest way but it's the easiest), and then look up the values in your own backend store (e.g. database or whatever) to get the ConversationId and ServiceUrl, then just message the user in your backend.

How to have a safe admin handling with reactjs and firebase

I would like to add functionalities depending on whether or not the user logged in is the administrator but I don't really know which condition (for conditional rendering with delete buttons etc) I should use to check if the user is the admin or not. Is it safe to do it based on the id of the user ? In the first place, I thought about testing the user in every component I want him to have functionalities, with a state called "user" using recoiljs to get access to the user in the whole app but I'm afraid people could change the state with the react tool extension and then pretend they are the admin and so delete articles and stuff... What's the best way to test if a user is the admin or not using firebase authentification in a react project ?
It's never safe for client code to assume admin responsibilities without absolute enforcement from your backend. It's unsafe because client code can be compromised and might not work the way you expect. And it's running on a device that the user controls fully.
Client code can check some indicator to see if the user is admin (in whatever way you find suitable), but the final check needs to happen on your backend, either through security rules (if you're using Firebase products like Realtime Database, Firestore, or Cloud Storage), or in code running on a secure backend, including products like Cloud Functions.

2 apps with the same database in Firebase

My project is to create an app similar to Uber.
There are 2 APPs, one for partners and the other for clients and I saw that I can create more than one app within the same Firebase project,that way I can use the same database for both APPs.
What I did not understand, how to do is differentiate the partners and the clients?
In the "Auth" menu, I would have to differentiate them with a Boolean.
Can I do this using Firebase? If not, does anyone know show me another way to do? or another database?
Another question I have is in relation to part of the payment, How I store the data of the credit card at Firebase? It support for this? Does anyone know show me a library to make payments straight through the app?
I don't think you can do that from the "Auth" Menu. This "Auth" function is only there for the sole purpose of letting user signup and login to your app.
You just need to implement the user category in your Real time database.
Store the user's uID, with key:value "userType":"client" or "userType":"partner".
And whenever the associated uID logs into your app succesfully. you need to read from the Real Time database to determine whether this user is a "client" or "partner" and show the appropriate functionality accordingly (or direct them to a different View controller eg: ClientViewController / PartnerViewController). Or if you have 2 entirely separate apps. Then this can act as a verification, just to make sure if this user is indeed a partner / client.
I'm not sure what to do with the payment system. But you can look at library like Braintree or something.

Salesforce[Web Tab]: how to authorize user

I have created Web Tab in salesforce with url of my application. When someone opens that tab and my application gets call, How can I make sure where user who opened it is authorized?
I know I can pass {!User.Email} and other variables to my app to identify user. I guess some sites also send {!Api.SessionId} but I can not find any information about how to authorize using Api.SessionId or any other variables that can be passed.
Update
I found https://developer.salesforce.com/page/Single_Sign_On_for_Composite_Apps which is guide to the question I asked. But not able to find jar for given java classes.
You can use the API SessionID and ServerURL to make a request back to Salesforce via the API. Say with the PartnerAPI. This will confirm that the user did indeed come from a valid Salesforce session. You can confirm other details, such as their email address from the active session as well.
Alternatively, you could create a newer connected app using signed requests. Here the request posted to you app will be signed with using a secret that you can decrypt. This ensures the details haven't been faked or tampered with.
Rather than creating a Composite App you can create a Canvas App. This is a type of Connected App. You can find instructions for setting this up at Creating a Connected App. The Signed Request is POSTed to your web app. See Signed Request Authentication

Resources