Monthly Archives: May 2012

Imagine, for a moment: you’re building an app with a grand vision – it will have lots of users, user-generated content, and be so popular that it’ll need a team of people to curate the content and make sure everything lives up to your high standards. You’re defining a great feature set, and you’re designing your app with security in mind for the
protection of your users and your content. You’re on a roll! Well, perhaps more appropriately, you’re on a role.

Awesome puns and epic set-ups aside, Parse is excited to announce a new security feature for your apps: Role-based Access Control.

Parse’s existing security model allowed you to grant permissions (using ACLs) to read or write individual objects on a per-user basis.

You can now define a set of Roles for your application – groups of Users that share a common set of permissions. In the example above, the content curators might belong to a Role called “Curators”, and every piece of content your users create would be granted public read access, while limiting write access to members of the “Curators” Role:

PFObject *post = [PFObject objectWithClassName:@"Post"];
PFACL *postACL = [PFACL ACLWithUser:[PFUser currentUser]];
[postACL setPublicReadAccess:YES];
[postACL setWriteAccess:YES forRoleWithName:@"Curator"];
/* Add the user's content */
[postACL saveInBackground];

When a new curator has been hired, just add them to this role, and they will immediately have write access to all of that content and can get to work making sure the content meets your standards.

Roles provide a rich model for granting permissions to groups of users. We also support Role hierarchies, making management of complex groupings of users and inheritance of privileges possible.

Check out our iOS, Android, and REST API docs for more information about Role-based access control on Parse!

Here at Parse, we’re always looking for ways to make it easier to import and export your data. Today we’re happy to announce that we’re rolling out a new and improved CSV importer.

To try importing your CSV data, just click the import button from the data browser.

With the CSV importer you can import almost all Excel spreadsheets into Parse (just export to CSV format and import that file to Parse). The data browser lets you view and edit your data in your web browser, with the look and feel of an Excel spreadsheet.

The CSV importer accepts XLS, TXT, and CSV file formats. It currently supports number, boolean, and string formats for any column, but GeoPoint and more are on the way. Also the new importer supports much larger files (up to 1G in size).

If this CSV importer doesn’t suit your needs, try out the REST API, which is more flexible. You can read more about importing data with the REST API in our docs.

Anyone who has gone through our iOS push tutorial knows just how many steps are involved in setting up push notifications for an iOS app. While many of these steps are outside of our control, we’ve recently introduced features to ensure a smooth setup process, like automatically detecting the development/production setting for your certificate, and immediately alerting you if you upload an invalid certificate.

Today, as part of our iOS push improvements, we’re rolling out the ability for our Pro and Enterprise customers to upload multiple iOS push certificates for a single Parse app. If you have pro and lite versions of your app, or a series of related apps that are backed by the same data, you can upload the certificate from each iOS app on your settings page. When you send a push, Parse will automatically detect which device belongs to which certificate and make sure that your push reaches all subscribers. Make sure to tag each certificate with a descriptive name so that you can tell them apart if you need to download them at a later date.

We hope this helps you create apps with the ability for users to seamlessly upgrade from lite to pro. And remember, we are offering a 30-day free trial for upgrading your Parse account to the Pro plan.

It was once said “The internet is not something you just dump something on. It’s not a big truck. It’s a series of tubes.” Today we pay homage to the late Senator Stevens through a collection of PFFile improvements that make better use of iOS resources.

Does this NSData make my app look big?

You have big dreams for your app. You may also have big assets for your app too. Developers with many large distributed assests worry about hitting the memory limits of mobile development. Consider the following example which uploads a 9.3MB PFFile:

That’s right: uploading a file of size X can have a size 2X impact on memory footprint. Why? Developers often load assets directly into an NSData and pass that data to a network stack. Because iOS uses a shared memory ownership model, the network stack must then make a deep-copy of the data or it will crash if other code mutates it.

There must be a better way

If NSData is expensive, why do developers use it? Because it’s so easy! -[NSData dataWithContentsOfFile:] lets us write one line of iOS code that could have taken dozens on other platforms. Today we’re unveiling -[PFFile fileWithName:contentsAtPath:]. It’s as easy as NSData and uses dramatically less memory.

When you call -[PFFile fileWithName:contentsAtPath:] Parse will never need to hold a large file in memory at once. Instead, we copy the file itself to a private location. We read small bits of the file as
needed when we send the data to Parse. This reduces the total memory footprint from megabytes to kilobytes:

But wait: there’s more!

This design has additional advantages: The size of a PFFile stays the same, even after getting its data. The cache is on disk and will not risk your app getting a memory warning. If you release your PFFile and get a new copy from a PFQuery, you won’t need to go back to the network. The new PFFile knows how to find the old disk cache. PFQuery and PFFile caching work in tandem to form a powerful one-two combo of great performance.

In a previous blog post, we highlighted our support for many-to-many relationships. In the past week, we’ve improved our handling of large many-to-many relationships, which was cumbersome with the simple array of PFObject approach. Now you can use the PFRelation primitive to deal with large many-to-many relations. The same scenario of keeping tracking of people who like a restaurant would look like:

// Let's say people is an NSArray of "Person" PFObjects.
PFObject *place = [PFObject objectWithClassName:@"Place"];
[place setObject:@"Sid's BBQ" forKey:@"name"];
PFRelation *relation = [place relationForKey:@"likes"];
for (PFObject *person in people) {
  [relation add:person];
}
[place saveInBackground];

When you fetch the Place object, the objects in the relations won’t be fetched, which is a huge win for a relationship with a large number of objects. Even without fetching all the objects in the relation, you can add objects to the relation using add:. If you wanted to fetch all the objects in the relations, you would do something like:

PFRelation *relation = [place relationForKey:@"likes"];
PFQuery *query = [relation query];
[query findObjectsInBackgroundWithBlock:^(NSArray *results, NSError *error) {
    // results contains all the people who liked Sid's BBQ.
}];

If you only wanted to fetch a subset of the people who liked a Place, you can add other query constraints to the query that was returned by the relation.

PFQuery *query = [relation query];
[query whereKey:@"location" equalTo:@"Savannah"];
[query findObjectsInBackgroundWithBlock:^(NSArray *results, NSError *error) {
     // results contains all the people who liked Sid's BBQ who are in Savannah
}];

You can still do all the queries on the Places Class that you could do before with arrays of PFObject such as:

PFObject *personNamedBob = ...;
PFQuery *query = [PFQuery queryWithClassName:@"Place"];
[query whereKey:@"likes" equalTo:personNamedBob];
[query findObjectsInBackgroundWithBlock:^(NSArray *results, NSError *error) {
    // results contains all the places liked by Bob.
}];

// Create a query for People in Australia
PFQuery *query1 = [PFQuery queryWithClassName:@"Person"];
[query1 whereKey:@"location" equalTo:@"Australia"];

// Create a query for Places liked by People in Australia.
PFQuery *query2 = [PFQuery queryWithClassName:@"Place"];
[query2 whereKey:@"likes" matchesQuery:query1];
[query2 findObjectsInBackgroundWithBlock:^(NSArray *results, NSError*error) {
   // results contains the places that are liked by people from Australia
}];

For more information about PFRelation please take a look the Relation Section of the iOS Guide. Android developers can look at the Relation Section of the Android Guide for information and examples for Android.

Here at Parse, we’re always looking for ways to make it easier to manage and protect access to your users’ data. Today we’re rolling out an update to our data browser that allows you to view and modify ACLs for your objects stored with Parse.

You can read more about ACLs in our docs. Remember to protect your users’ data using ACLs, and thanks for using Parse!

The main idea behind Parse is to simplify developer’s lives by offering tools to make building apps easier and faster. We keep this goal in mind with everything we build.

Every day, we continue to add more features to our APIs. But making a successful platform isn’t always about adding new features. It can also be about improving the design of the workflows.

Today, we’re introducing a redesign of our application management console. We’ve dramatically improved and simplified the experience, while keeping all of the great features you love. Specifically, it’s now much easier to manage the various settings on your app.

But, this is just the first step. We’re already working hard on some of the next iterations. Stay tuned!

Parse users love our password reset and email verification features, but some customers have asked for better control over these experiences. Perhaps your customers don’t speak English, or you have a well defined brand that you want these experiences to adhere to. Or maybe you just don’t like your users knowing that you use parse.com as your backend. Today we unveil a series of tools to give pro and enterprise customers unparalleled control over their brand with Parse. The following new features are accessible from your app settings page today:

Mail Templates

Password resets and email verifications require us to email links to your users. Last month we unveiled the ability to set the email address we use to send this email. Today we announce the ability to customize the email text too. Email templates use a simple markup language that replaces %username%, %email%, %appname%, and %link% with their appropriate values.

For example, the body:

Thank you for joining %appname%. We’re excited to have you onboard. To access our premium features, please verify your email address by clicking this link: %link%.

Would send the following email to your users:

Thank you for joining AnyWall. We’re excited to have you onboard. To access our premium features, please verify your email address by clicking on this link: some link

Custom Pages

We’ve rewritten our password reset and email verification features with a novel approach to the Model-View-Controller design pattern. The Parse server is the “controller” for your app and provides default views. Developers who wish to control the design of these pages can tell Parse to use modified versions of these pages instead. Each view is a simple and clearly written HTML/CSS/JavaScript page. Download any user-facing page and modify it as you wish. Put your modified version online and give us its address to replace that view in your app.

Consider the Password Reset workflow:

1. A user is mailed a link with which he or she can choose a new
   password
2. The user clicks the link and is forwarded to choose_password.html to select a new password.
3. The user submits his or her new password & is informed that the new password has been successfully set by password_reset_success.html
4. If malicious users attempt to reverse engineer the password reset link, they are sent to invalid_link.html

Each of these three pages can be replaced in the app settings page. You
could add a corporate logo or stylesheets to each page. Parse will use your pages as a replacement for our defaults.

Parse Frame

Password resets and email verification require us to email your users a link to parse.com. Some of our developers would prefer this link point to their domain instead of ours. The Parse
Frame is an HTML page that will let you host these experiences from your domain.

If you upload the Parse Frame file to your server and give us its link, we can email your customers URLs to this page instead of URLs that point to parse.com. This feature can be used in conjunction with Custom Pages to control both the look and address of your user experience.

One More Thing…

We are excited about these new features for Pro and Enterprise users. To celebrate, we are offering a free month to all new Pro account upgrades.

Things move fast and furious here at Parse. Our philosophy is centered around quickly shipping new features to our platform on a daily basis. We’re laser focused on continually improving our platform so that you can focus on building your mobile app and not on building the infrastructure.

All this means we ship new versions of our iOS and Android SDKs pretty often. Today, we’ve released a new downloads page that includes a changelog so that you can keep up with the releases we’re pushing for our SDKs. We hope you’ll find this useful especially as you decide when to incorporate updates to your apps.

You can also subscribe to the changelog RSS feed, which will be updated whenever we push out a new release.