Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to create different user groups in Firebase?

I am making a point of sale app, using Xcode.

I want this app to keep track of stock items, allow users to search stock, scan stock, add or lookup stock using a barcode. Items of stock will be stored in a users 'store'.

I want to have three types of users:

  1. A manager user, who creates a store and has full access to the store. He can manage all of the 'employee users', such as deleting their access and employee users must be invited by him to join his store using a unique code. He will have specific abilities that 'employee users' do not such as the ability to add and edit stock.
    What a manager account would look like enter image description here

  2. A employee user, who has limitations. (e.g. cannot see edit users page and not option to edit stock that manager user has).
    What a Employee account would look like What a Employee account would look like

  3. A shopper user who can only see a store and the items in a store. What a shopper users account would look like What a shopper users account would look like

The attached UI design should show what I mean. As you can see, the manager user has a manage employee tab that I wish only he can have and the other users do not. The manager has also got the option for more details when looking at stock, while the employee user does not. The shopper account has only got access to two functions, looking up a store, and checking the stock in a store.

So my question is, How do I code three different types of users in Firebase for my app? & How do I show them only options that I want to show them while showing other options to other users?

like image 560
Sam Avatar asked Jan 15 '18 00:01

Sam


People also ask

Can you add users to Firebase?

Add a memberSign in to Firebase. Click. , then select Permissions. On the Permissions page, click Add member.

Are users in Firebase unique?

Firebase users have a fixed set of basic properties—a unique ID, a primary email address, a name and a photo URL—stored in the project's user database, that can be updated by the user (iOS, Android, web).

Can you change user UID Firebase?

uid cannot be changed. You can create your own custom uid for users. You will need a users table which uses your custom uid rather than the one created by Firebase.


2 Answers

This is an incredibly broad topic and lots of it depends on how you implement the various parts of your app. Below is one of the many possible answers, just in an effort to get you started with some links.

If your app stores its data in one of Firebase database offerings (Realtime Database, or Cloud Firestore), or if it stores files in Cloud Storage through Firebase, then you'll likely want to store the role of each user as a custom claim in the profile of that user.

The Firebase Authentication documentation shows how to set such custom claims, for example how to set the admin property of a user to true from a Node.js script:

admin.auth().getUserByEmail('[email protected]').then((user) => {
  // Confirm user is verified.
  if (user.emailVerified) {
    // Add custom claims for additional privileges.
    // This will be picked up by the user on token refresh or next sign in on new device.
    return admin.auth().setCustomUserClaims(user.uid, {
      admin: true
    });
  }
}).catch((error) => {
  console.log(error);
});

Similarly you could set your user roles in a role property. Then you can check in the server-side security rules of the Realtime Database, Cloud Firestore, or Cloud Storage if the user has a role that allows them access to the specific data they're trying to access.

In the client-side code you can then decode the user's token to get access to the same claims and optimize the UI for them

like image 168
Frank van Puffelen Avatar answered Oct 13 '22 21:10

Frank van Puffelen


Frank's answer is the correct one but I wanted to add a very simple additional piece of information. If you store users information, (DOB, nickname etc) in a /users node (as many Firebase apps do) simply add the role within that node

users
  uid_0
    name: "Larry"
    role: "manager"
  uid_1
    name: "Curley"
    role: "employee"
  uid_2
    name: "Moe"
    role: "shopper"

When a user logs in, read their node from the users node and the app will then know what kind of user they are and display the appropriate UI.

You can also leverage that within Firebase rules to control what each role can access.

like image 30
Jay Avatar answered Oct 13 '22 20:10

Jay