Dear Backendless,
I’m only having problems with the platform in the last 2 days. Has something changed except for the 3.0.3 SDK on iOS?
Here is a small project to demonstrate how bad the situation is since nothing is working well anymore for me.
Here are the steps to reproduce and test:
A] Setup:
a) Facebook:
Create a new Facebook App called BasicTest in any category
Configure the Info.plist with the Facebook app ID and name
Paste the bundle identifier (com.backendless.BasicTest) as requested
b) Backendless:
Create a new backendless App called BasicTest
Open the Manage section in the management console
Copy the AppId and Secret in the AppDelegate.m file
Enter the Facebook App Id and App Secret in the social section
Open the Users section in the management console
Add a new property called "facebookId" type string then click "save"
In the list of properties, select "Identity" for the "facebookId" field
Unselect "required" for the "email" field
Select the "Security & Restrictions" tab of the Users section
Select NonAuthenticatedUser role and edit as shown in attached screen shot
Select AuthenticatedUser role and edit as shown in attached screen shot
Select SocialUser role and edit as shown in attached screen shot
Select FacebookUser role and edit as shown in attached screen shot
c) The app:
Unzip the app
Open the app folder in terminal
Run "pod install"
Open the workspace and run in simulator or device
B] Test 1:
Run the app and click on the Login button.
Authorize the app in Facebook.
A Fault is raised:
Login with Facebook - FAULT = User has no permission to create entity <User has no permission to create entity>
Results of Test 1:
A record has been created in the database for a new user but an error was raised anyway, inconsistent behaviour
None of the data requested from Facebook by the field mapping have been written to the database except the Facebook ID of the user. The fieldsMapping parameter is useless.
C] Test 2:
Logout - ignore error
Open the Data section in the management console
Select the Users table
Go into "Table Schema and Permissions"
Select Roles permissions
Grant NonAuthenticatedUsers permission to Create
Go back to "Data Viewer"
Delete all records in table "Users"
Go back to the app and click on the Login button
Click on Logout - A fault is raised:
Logout - FAULT = Unable to logout user due to error: user must be logged in. <Unable to logout user due to error: user must be logged in.>
Results of Test 2:
A record has been created in the database for a new user and all requested data from Facebook updated, fields were added as required
An error was raised on Logout warning that the user was not logged in - Why?
D] Test 3:
Open the Data section in the management console
Select the Users table
Delete all records in table "Users"
Run the app and click on the Login button - No error is raised
Enter some text into the first TextField (near the update profile button)
Click on Update profile button - A fault is raised:
Save user - FAULT = User has no permission to update entity <User has no permission to update entity>
Results of Test 3:
- User was registered successfully, data from Facebook successfully entered into DB
- Updating the profile raised an error
E] Test 4:
Logout - ignore error
Login again - no error is raised
Click on the "Update profile" button - no error is raised
Click on the "Update profile" button again - A fault is raised:
Save user - FAULT = User has no permission to update entity <User has no permission to update entity>
Results of Test 4:
The first call to the save: method of backendless.persistenceService is successful
The second call to the save: method of backendless.persistenceService fails, which is consistent with results from tests 2 and 3
F] Test 5:
Logout - ignore error
Login again - no error is raised
Click on the gray square (imageView) and select any image to upload
Enter some text in the textField near to the "Create Post" button
Click on the Create Post button. The file is successfully uploaded but an error is raised:
Create post - FAULT = Property name contains invalid characters: user-registered <Property name contains invalid characters: user-registered>
Results from Test 5:
I'm getting frustrated and creating a small project for you guys to debug the platform.
G] Test 6:
Logout - ignore error
Login again - no error is raised
Enter some text into the first TextField (near the "Update profile" button)
Click on the "Update profile" button - no error is raised
Click on the gray square (imageView) if no image selected and select any image to upload
Enter some text in the textField near to the "Create Post" button
Click on the Create Post button - An error is raised:
Upload file - FAULT = HTTP 400 <bad request>
Results of test 6:
It looks to me that the access token either becomes invalid after the first call to the API or is not sent properly. Either way, only the first API call ever succeeds.
I am eager to continue using your platform for frankly there are still too many problems to solve.
I’ve spent a lot of time working around small bugs already but now I’ve hit major obstacles.
Thanks
BasicTest.zip (25.13kB)
Did this work for you before?
If it did, has anything changed on your side?
When and where did you get the SDK library from?
Mark
Some of my observations after reading your notes (I have not checked the code):
Test1:
The error in (B)3 occurs because NotAuthenticatedUser has no permission to create objects in the Users table. This would need to be overwritten for the table (as you do so later on) and confirm that it actually works.
Test2:
All the steps after step 1 are invalid since there is an error on step 1 (Logout). This needs to be investigated and understood why the error has occurred. I suspect logout fails because the user was not properly created from before.
Test3:
Test4:
Could you please check the effective permissions for the table in question for all the roles and post a screenshot here? (are you updating Users or some other table?)
Test5:
Property names with dashes are not allowed - the error is expected. You can try creating such a property in console and you will see the same error.
Test6:
How is this different from Test5 (when the upload worked)?
All in all, I see problems with misconfiguration of the permissions. We already know about a problem with updating user objects created through Facebook login (there is a fix in progress).
Regards,
Mark
Hi Mark,
Allow me to start by saying that I’ve spent a whole day dealing with these problems and over 1.5 hours putting together this demo project and test cases to describe to you the problems I’ve experienced.
I think that the minimum you could do is to run the tests I’ve carefully and precisely described to gain the understanding you need of the problems I’m describing. I’ve written each step as I was taking them, not adding or omitting even 1. In other words, you could have answered most or all of your questions yourself.
Nevertheless, it is important to me to help so here are my answers, in order of your questions:
Users running with the NotAuthenticatedUser role should not, in theory, have the right to write to the Users table to register, only the system. I remembered our previous conversations concerning superuser rights for server code and realised that maybe my settings were restricting the system itself from writing to the Users table. However, if you look at my results from Test 1, even though the client received a fault, a row was nevertheless written to the database. However you look at it, there is a problem here.
In Test 2 NotAuthenticatedUsers have permission to write to the Users table (local override). Note that at step 8 I delete the existing user in order to register from scratch. It doesn't make any sense that Logout should fail. If it does, please explain why.
Test 3 and Test 4 are fundamentally different. Test 3 is about registering a user and then updating its name. Test 4 is about login with an existing user and updating its name twice. I'm updating the Users table and the effective permissions are enclosed. In Test 4 please note that the first update works, the second fails.
Yes, I know that property names with a dash are forbidden, this is why it fails. "user-registered" is a property returned by the server to indicate that the user is freshly registered. This property should not even be there since the user was returned from a login in this particular test, not a registration. Test 3 was the last test with a registration. From Test 4 onward it's only Login operations.
Test 5 is different in that I'm updating the user profile before attempting to upload the file (steps 3 and 4)
"All in all, I see problems with misconfiguration of the permissions": This is very dismissive on your part. Yes, I set restrictive permissions on both data and files because I expect the system to honour the restrictions I require. All these API requests would work if I let NotAuthenticatedUsers do what they want, which I don't want to.
Mark, I didn't spend all that time explaining what problems I've found because I'm bored but because I want to help. I want to help because I expect to use a solid, stable system as a base to developing my apps. You obviously didn't bother trying the code or setting up the tests as I painstakingly described. If you prefer me not to waste your time (and maybe mine also) just let me know.
Thanks
Emmanuel,
I do thank you for putting your time in helping us make the system better. I also would like you to understand that my job here as the CEO is to make sure you get a fast and prompt response and every problem posted by our users gets the attention it deserves. I do not think you’d find that many people in my role who would go that far to respond directly to users let alone run their code. I actually do both when I can. iOS is not my forte, hence had I run your code, it would not do anything for me, so I delegated to my dev team to research (which is what we are doing now). I hope that gives you a better idea of how the responsibilities are divided here.
Regards,
Mark
Hi Mark,
I’m founder of 2 technology startups, CTO in one of them, CEO in the other, so I know what it means to share your time and efforts between different responsibilities.
In this instance, I come to you as neither and I believe that you failed to give me the attention I apparently deserve. Since you’re self-admittedly not qualified to look into the problems I’ve submitted (which is more than OK, I’m sure you’re great at the other things you do), a more appropriate answer from you would have been the last few lines of your last response: “I’ve delegated to my dev team to research, we’ll be back to you soon”. I hope your guys find the problem and fix it, then I will be happy to have helped.
Regards,
Emmanuel
Hi Emmanuel,
Once again, thank you for putting your time into describing the problems you encountered and preparing an example demonstrating them. We have gone through the example and were able to reproduce the issues. Below is a report for each test you have described:
Test 1:
This is a bug. There should not be an error. Once it is fixed, a user object should be created if the SocialUser (or the FacebookUser) roles have the CREATE permission for the Users table.
Test 2:
If a user is deleted in console and there is a current session for the user, the logout operation will result in error since there is no way for the backend to validate the user session. The behavior you’re seeing is expected.
Test 3:
This is a side effect of Test 1. Since a user is logged with an error, a proper session is not established and the subsequent API calls result in errors caused by the security permission. Fixing the bug for Test 1 will result in this test passing.
Test 4:
This is a bug - after a successful update operation the user session is not maintained and all subsequent requests are executed with the “NotAuthenticatedUser” identity.
Test 5:
This is a bug - we will modify the server to ignore update/save requests which contain these properties.
Test 6:
This is caused by the same bug as described in Test 5. Once the bug is fixed, the test will also pass.
We created internal tickets for all the bugs described above. It should not take long to get these out of the way.
Regards,
Mark
Hi Mark,
This is great news, thanks for looking into that and taking all the necessary steps to fix these problems.
I truly appreciate the quick feedback and the efficient work you guys are doing.
Regards,
Emmanuel
Hi Emmanuel!
We already updated production with server changes.
Could you run your BasicTest again to confirm that all works as you expect?
Regards,
Kate.
Hi Emmanuel,
The Backendless SDK 3.0.5 version has been deployed to Cocoapods, so you can use it.
All the scenarios described here now work correctly - try them again.
Regards,
Slava
Hi Mark, Kate and Slava,
This is great! All is now working as expected, no errors reported.
You guys have done a really good job fixing these problems quickly and efficiently.
Thanks a lot for your dedication to making a great platform even better!