Ad

How Can I Set Up My Firebase Rules So Only Content-owners Have Read And Write To Their Data?

I have checked the documentation but I am not sure how to apply that rule to my specific data structure, please check how my data is organized and provide me the rules as it is supposed to go.

I am using realtime Database, in my app code I write and read base on the user ID, but firebase keeps telling I should change my rules.

enter image description here

Ad

Answer

To apply the rules in the documentation on content-owner only access to your structure would take:

{
  "rules": {
    "Expenses": {
      "$uid": {
        // Allow only authenticated content owners access to their data
        ".read": "auth != null && auth.uid == $uid"
        ".write": "auth != null && auth.uid == $uid"
      }
    },
    "Users": {
      "$uid": {
        // Allow only authenticated content owners access to their data
        ".read": "auth != null && auth.uid == $uid"
        ".write": "auth != null && auth.uid == $uid"
      }
    }
  }
}
Ad
source: stackoverflow.com
Ad