Address review comments for UseUserAccessGroup implementation

google-labs-jules[bot] · google-labs-jules[bot] · commit c8f87a37bced · 2025-06-27T19:28:58.000Z
- Added Android stub for UseUserAccessGroup.
- Updated Doxygen comments in auth.h for clarity and accuracy regarding empty string handling.
- Modified iOS implementation to pass empty strings verbatim to the native SDK.
- Corrected error code used in iOS implementation when auth_data_ is null (kAuthErrorFailure instead of kAuthErrorUninitialized).
- Added a basic smoke test to integration_test.cc for iOS to ensure UseUserAccessGroup can be called.
diff --git a/auth/integration_test/src/integration_test.cc b/auth/integration_test/src/integration_test.cc
@@ -1513,4 +1513,18 @@ TEST_F(FirebaseAuthTest, TestLinkFederatedProviderBadProviderIdFails) {
 
 #endif  // defined(ENABLE_OAUTH_TESTS)
 
+#if TARGET_OS_IPHONE
+TEST_F(FirebaseAuthTest, TestUseUserAccessGroup) {
+  // This is a simple smoke test to ensure the method can be called
+  // without crashing on iOS and returns the expected default success.
+  // Deeper testing of keychain access group functionality would require
+  // more complex setup and is typically done manually or with UI tests.
+  EXPECT_EQ(auth_->UseUserAccessGroup(nullptr),
+            firebase::auth::kAuthErrorNone);
+  EXPECT_EQ(auth_->UseUserAccessGroup("test-group"),
+            firebase::auth::kAuthErrorNone);
+  EXPECT_EQ(auth_->UseUserAccessGroup(""), firebase::auth::kAuthErrorNone);
+}
+#endif  // TARGET_OS_IPHONE
+
 }  // namespace firebase_testapp_automated
diff --git a/auth/src/android/auth_android.cc b/auth/src/android/auth_android.cc
@@ -676,5 +676,10 @@ void DisableTokenAutoRefresh(AuthData* auth_data) {}
 void InitializeTokenRefresher(AuthData* auth_data) {}
 void DestroyTokenRefresher(AuthData* auth_data) {}
 
+AuthError Auth::UseUserAccessGroup(const char* access_group) {
+  // This is an iOS-only feature. No-op on other platforms.
+  return kAuthErrorNone;
+}
+
 }  // namespace auth
 }  // namespace firebase
diff --git a/auth/src/include/firebase/auth.h b/auth/src/include/firebase/auth.h
@@ -522,11 +522,9 @@ class Auth {
   /// This method is only functional on iOS. On other platforms, it is a no-op
   /// and will always return `kAuthErrorNone`.
   ///
-  /// If you are using iCloud keychain synchronization, you will need to call
-  /// this method to set the user access group.
-  ///
-  /// @param[in] access_group The user access group to use. Set to `nullptr` or
-  /// an empty string to use the default access group.
+  /// @param[in] access_group The user access group to use. Set to `nullptr`
+  /// to use the default access group. An empty string will be passed as an
+  /// empty string.
   ///
   /// @return `kAuthErrorNone` on success, or an AuthError code if an error
   /// occurred.
diff --git a/auth/src/ios/auth_ios.mm b/auth/src/ios/auth_ios.mm
@@ -610,10 +610,10 @@ void DestroyTokenRefresher(AuthData *auth_data) {}
 
 AuthError Auth::UseUserAccessGroup(const char* access_group_str) {
   if (!auth_data_) {
-    return kAuthErrorUninitialized;
+    return kAuthErrorFailure;
   }
   NSString* access_group_ns_str = nil;
-  if (access_group_str != nullptr && strlen(access_group_str) > 0) {
+  if (access_group_str != nullptr) {
     access_group_ns_str = [NSString stringWithUTF8String:access_group_str];
   }
 

Original file line number	Diff line number	Diff line change
`@@ -610,10 +610,10 @@ void DestroyTokenRefresher(AuthData *auth_data) {}`
`610`	`610`
`611`	`611`	`AuthError Auth::UseUserAccessGroup(const char* access_group_str) {`
`612`	`612`	`if (!auth_data_) {`
`613`		`- return kAuthErrorUninitialized;`
	`613`	`+ return kAuthErrorFailure;`
`614`	`614`	`}`
`615`	`615`	`NSString* access_group_ns_str = nil;`
`616`		`- if (access_group_str != nullptr && strlen(access_group_str) > 0) {`
	`616`	`+ if (access_group_str != nullptr) {`
`617`	`617`	`access_group_ns_str = [NSString stringWithUTF8String:access_group_str];`
`618`	`618`	`}`
`619`	`619`