Ad

How To Fix Security Rules For NewData On Set Function

Im working on an ionic app, i would like to send data to my firebase realtime-database as an object and compare the data with something, however on the server side which is my security rules for the newData, the write rule seems to be incorrect.

This is my sending code

var firebaseRef = this.afd.database.ref();
firebaseRef.child('Download/01/1').set({password:2431,name:'john'});

my database node should be written here

Download: {
  01 : {
      1: { // the data will be written here

      }
  }
}

and this is my security rules

"Download": {    
   "$id": { 
      ".write": "newData.child('password').val() === 4321"
   }
}

As you can see, i have purposely written the password on my set function '2431' in order to be process as incorrect during the validation of write rules, however the write rule still proceeds in writing the database even though the password it receive is incorrect, can you advise what should correct in my code? Thanks

Ad

Answer

Your rules and query don't match. You're writing to "Download/01/1", and password is set at "Download/01/1/password". However, your rules are set at "Download/XX", and newData.child('password') is referring to "Download/XX/password" (note that the "1" is missing in the path). Perhaps you meant something like:

"Download": {    
   "$id": {
      "$i": {
        ".write": "newData.child('password').val() === 4321"
      }
   }
}

Or maybe:

"Download": {    
   "$id": { 
      ".write": "newData.child('1').child('password').val() === 4321"
   }
}
Ad
source: stackoverflow.com
Ad