How to restrict the collection format with rules in the Firebase Realtime Database?

Asked

Viewed 18 times

1

When registering a user, I have to send this json to endpoint:

{
  "email": "[email protected]",
  "firstName": "João",
  "lastName": "Silva",
  "password": "*********",
  "birthday": "2000-01-01"
}

However, I have to perform the validations; for this, I am using the following rules:

{
  "rules": {
    ".read": false,
    ".write": false,
    "users": {
      ".read": true,
      ".write": true,
      "$uid": {
        ".validate": "
            newData.hasChildren(['firstName', 'lastName', 'birthday', 'email', 'password']) &&
            newData.child('birthday').val().matches(/^(19|20)[0-9]{2}\\-(0[1-9]|1[1-2])\\-(0[1-9]|[1-2][0-9]|30)$/i)
        "
      }
    }
  }
}

Now, the problem is: If I try to send a json with fewer keys than those specified by the rules, it won’t be possible. However, if I submit a json containing the keys specified by the rules and other additional keys, then it will add smoothly.

Example:

ERROR

{
  "email": "[email protected]",
  "firstName": "João",
  "lastName": "Silva",
  "password": "*********"
}

SUCCESS

{
    "email": "[email protected]",
    "firstName": "João",
    "lastName": "Silva",
    "password": "*********",
    "birthday": "2000-01-01",
    "nao_previsto": "valor"
 }

Is there any way to validate this json in such a way that: ONLY be inserted into the database if the json sent in the request follows EXACTLY the format (NO INSERT unforeseen keys)?

No answers

Browser other questions tagged

You are not signed in. Login or sign up in order to post.