Reputation: 1317
How to structure Firebase data and rules for sharing data between users?
Currently I have a simple todo app whereby users can create a list then tick off items as done. The data is structured as follows: '/acc_' + USER_ID +'/done' and '/acc_' + USER_ID +'/todo'. As items are "done" they are moved to the done list.
What I'd like is for a user to be able to share a list with another authenticated user.
The rules currently look like the following which seem to work.
{
"rules": {
"$userPath": {
".read": "auth != null",
".write": "auth != null",
".validate": "$userPath === 'acc_' + auth.id"
}
}
}
What I think I need to do is have each user having an array of approved email addresses have somehow hook that into the security rules.
Alternatively I could make a list in the root and have only the creator and shared users access it.
Any guidance?
Upvotes: 6
Views: 3866
Answers (1)
Reputation: 7428
Since the user decides who'd they like to share the list with, I'd store that information in the user data itself. For example:
{
"rules": {
"$userPath": {
".write": "$userPath == 'acc_' + auth.id",
".read": "$userPath == 'acc_' + auth.id || root.child($userPath).child('shared').hasChild(auth.id)"
}
}
}
And then store the list of users the data is shared with in acc_userid/shared/
Upvotes: 1
Related Questions
- Firebase: How to structure public/private user data
- Firebase rules - allow users access only their own data
- Firebase database rules for group-shared data
- How to share data between users in Firebase?
- Firebase - How to write/read data per user after authentication
- How to structure data with Firebase to allow data to be user specific and also public?
- How to store data per user and prevent others to see them
- Firebase data structure and security rules
- Firebase data structure & security
- Firebase Security Rules: Public vs. Private Data