Definition of Realtimedatabase rules

Asked

Viewed 23 times

0

As should be my rules, so that a user logged in the app has access, can read and write only in your requests ???

{

"requests" : { "-Lmqitihar-Vumkpq8fd" : { "name" means "asdasdsa", "tel" as in "213" }, "-Lmr1wgwingyew0rvpws" means{ "name" means "sadasd", "tel" is "123" } }, "users" : { "-Lmreq9jb7kbkaqhhymq" : { "cnpj" means "123456", "email" : "[email protected]" } } }

1 answer

0

To apply the order access rule (and the user’s own), you will need to add the Firebase Authentication user ID (UID) in the path that will be controlled.

Example user uid: "rvCXWGhMkbYul6wS9gfxQSAXbmq1"

{  
   "pedidos":{  
      "rvCXWGhMkbYul6wS9gfxQSAXbmq1":{  
         "-LMqiTIhAr-VUMKpq8FD":{  
            "name":"asdasdsa",
            "tel":"213"
         },
         "-LMr1wgwinGyew0rVpWs":{  
            "name":"sadasd",
            "tel":"123"
         }
      }
   },
   "users":{  
      "rvCXWGhMkbYul6wS9gfxQSAXbmq1":{  
         "cnpj":"123456",
         "email":"[email protected]"
      }
   }
}   

Rule for recording and reading:

{
  "rules": {
    "pedidos": {
      "$uid": {
        ".write": "$uid === auth.uid",
        ".read": "$uid === auth.uid",
      }
    },
    "users": {
      "$uid": {
        ".write": "$uid === auth.uid",
        ".read": "$uid === auth.uid",
      }
    }
  }
}

Source: https://firebase.google.com/docs/database/security/? hl=en

Browser other questions tagged

You are not signed in. Login or sign up in order to post.