Firebase security rules custom field

Question

Firebase security rules custom field

364 views Asked by WJA At 15 June 2015 at 09:23

My Firebase security rules look as follows:

"users": {
      "$uid": {
        // grants write access to the owner of this user account whose uid must exactly match the key ($uid)
        ".write": "auth !== null && auth.uid === $uid",

        // grants read access to any user who is logged in with an email and password
        ".read": "auth !== null && auth.provider === 'password'"
      }
    },

In addition, I have a custom userId, which I store in users/$uid. So as an example my users/$uid look as follows:

users
   /$uid
       /email: [email protected]
       /userId: "foobargayid123456"

I use this userId in other nodes, for example the node profile_pictures to set the dependencies:

profile_pictures
   /userId
       /thumbnail: "datablabla"

Question

How can I set the security rules in firebase for the node profile_pictures such that only user with id: users/$uid/userId can .write the node profile_pictures/userId

Original Q&A

There are 1 answers

**Frank van Puffelen** · Accepted Answer · 2015-06-22 16:55:34

Frank van Puffelen On 22 June 2015 at 16:55 BEST ANSWER

I think this is what you're looking for.

{ 
  "rules": {
    "profile_pictures": {
      "$userId": {
        ".write": "
          root.child('users').child(auth.uid).child('userId').val == $userId"
      }
    }
  }
}

TechQA.

Firebase security rules custom field

There are 1 answers

Related Questions in JAVASCRIPT

Related Questions in ANGULARJS

Related Questions in FIREBASE

Related Questions in ANGULARFIRE

Related Questions in FIREBASE-SECURITY

Popular Questions

Popular Tags

Trending Questions