Firebase security rules, setting a children not readable?

Question

So I have this db structure:

Under profile I want email & provider-name to be readable only for admin and Username readable for every logged in user. How I can achieve that?

Here is my rules:

{
   "rules": 
   {
     "users":
     {
       "$uid":
       {
         // grants write access to the owner of this user account whose uid     must exactly match the key ($uid)
        ".write": "auth !== null && auth.uid === $uid",
        "profile":
        {
          // grants read access only for registered users
          ".read": "auth !== null",
          "email":
          {
            // This doesn't work with firebase as I was reading doc.                      
            ".read": false
          }
        }
       }
     } 
   }
}

Answer 1

So after a bit of research and reading about denormalize structure I guess this way will work. The fact is that I'm tempted to nest, but probably is a bad idea on firebase.

{
       "rules": 
       {
         "users":
         {
           "$uid":
           {
             // grants write access to the owner of this user account whose uid must exactly match the key ($uid)
            ".write": "auth !== null && auth.uid == $uid",
            "public-profile":
            {
              // grants read access only for registered users
              ".read": "auth !== null"
            }
           }
         },
         "private-profile": 
         {
           "$uid":
           {
               ".read":  "root.child('users').child(auth.uid).child('role').child('admin').val() === 'true' && root.child('users').child('1').child('role').child('admin').val() === 'true'",
               ".write": "root.child('users').child(auth.uid).child('role').child('admin').val() === 'true' && root.child('users').child('1').child('role').child('admin').val() === 'true'"
           }
         }
       }
    }