How do I give read/write access to all nodes with Firebase rules?

7.9k views Asked by At

Default setting gives full access:

{
  "rules": {
    ".read": true,
    ".write": true
  }
}

For the sake of testing my understanding of rule-writing from the Firebase guide and documentation, I'm (now retreating to) trying to achieve the same results by writing rules for the 4 parent nodes.

If it makes a difference, the first two nodes only have values, no children. **Sidequest: are they still called nodes?

The rules below cause the same behavior as when the rules above are changed to false read and write.

    {
  "rules": {
    "myNode1": { 
      ".read" : true,
      ".write" : true
    },
    "myNode2" : {
      ".read" : true,
      ".write" : true
    },
    "myNode3" : {
      ".read" : true,
      ".write" : true
    },
    "myNode4" : {
      ".read" : true,
      ".write" : true
    }
  }
}

What is wrong with my rules?

UPDATE/context:

I have an authDataCallback that stops running here (within the if (authData) { clause):

var ref = new Firebase("https://<my>.firebaseio.com")

ref.once("value", function(snapshot){ 

Found that if I change the ref var to something more specific: var ref = new Firebase("https://<my>.firebaseio.com/myNode1"), the authDataCallback runs in entirety.

Surely it won't be necessary to produce snapshots of the entire database; this was a confused way of getting the data I need. I've updated, but I'm still confused about why the rules held up the callback considering I gave read and write to the whole database.

1

There are 1 answers

0
Jay On BEST ANSWER

I think this is the answer based on the info provided:

The two sets of rules you posted are different. The first set

{
  "rules": {
    ".read": true,
    ".write": true
  }
}

allows everyone read and write access to every node, including the parent node, within your firebase at

https://<my>.firebaseio.com

The second set of rules allows everyone access to specific nodes within your firebase reference but blocks access to all other nodes including access to the parent node. In the update the code is trying to read the parent node which has no rules defined for it so by default read and write are false.

So say you have the following structure:

https://whirlygig.firebaseio.com

Whirlygig
  someRandomData: "3.141"
  otherRandomData: "6.02"
  myNode1
    firstName: "first"
    lastName: "last"
  myNode2
    first: "first"
    last: "last"

With your first set of rules, everyone can access someRandomData as well as the myNode1, myNode2 etc.

With the second set of rules, everyone can access ONLY myNode1 and myNode2 but cannot access someRandomData