In Firebase Cloud Functions (Javascript), we use database trigger like below,
functions.database.ref('/DoctorApp/DrTimeSlot/{doctorUID}/Patients/{patientID}')
.onCreate((snapshot, context) => {
// codes here
};
Here, {doctorUID} is not known so all function is working on all UIDs.
Is this possible to use the same method in Android Studio (Java)? below this code is not working for me, can you provide me the alternate of the code.
Query query = rootData.child("DrTimeSlot/{drUID}/Patients/").orderByChild("patientUID").equalTo(auth.getUid());
query.addValueEventListener(new ValueEventListener() {
@Override
public void onDataChange(@NonNull DataSnapshot dataSnapshot) {
//codes here
}
@Override
public void onCancelled(@NonNull DatabaseError databaseError) {
}
});
While not possible to use the same syntax as Cloud Functions, your query to find all doctors with a given patient ID can be achieved using:
Query query = rootData.child("DrTimeSlot").orderByChild("Patients/" + auth.getUid()).startAt(""); // startAt("") will exclude non-existent values
query.addValueEventListener(new ValueEventListener() {
@Override
public void onDataChange(@NonNull DataSnapshot queryDataSnapshot) {
if (queryDataSnapshot.hasChildren()) {
// handle no results
System.out.println("No results returned");
return;
}
for (DataSnapshot doctorDataSnapshot: dataSnapshot.getChildren()) {
// TODO: handle the data
System.out.println(doctorDataSnapshot.getKey() + " => " + doctorDataSnapshot.getValue());
}
}
@Override
public void onCancelled(@NonNull DatabaseError databaseError) {
// Getting doctors failed, log a message
Log.w(TAG, "findDoctorsForUser:onCancelled", databaseError.toException());
}
});
However, to permit such an operation, the client must have read access to every single doctor's data, even if the user performing the search is not a patient of that doctor. It will also be entirely processed on the client device which means downloading all of the data under "DrTimeSlot"
which is not recommended and is also a massive security & privacy risk.
Instead, in the user data of a particular user, store a list of their doctors. When you need to find them, download /users/userId1/doctors
and then get the needed patient data from each doctor restricting read/write access to that doctor and that user only.
"users": {
"userId1": {
"doctors": {
"doctorId1": true, // boolean value for simplicity
"doctorId2": "paediatrician", // could also use value for type
"doctorId3": 10, // or number of visits
"doctorId4": false, // or if they are an active patient of this doctor
},
...
},
...
}