Reputation: 367
Structuring Firebase data for security rules between user groups
I'm using Firebase for an app with the following tree structure...
- groups
- $group_id
- users
- $user_id
- users
- $user_id
- groups
- $group_id
Pretty simple - users belong to groups and this relationship is stored both at a 'users' location and a 'groups' location.
I'm looking to write security rules that only allow users to read from other users' Firebase location if they belong to the same group (i.e. if any of their $group_ids match). How should I structure my data in order to ensure this and what does the actual security 'read' rule syntax look like?
Upvotes: 3
Views: 605
Answers (1)
Reputation: 1
It's a bit old, but since I was on the same path today I would like to share my finding here since it helped me a lot to get a frip ont the rules: https://firebase.googleblog.com/2016/10/group-security-in-firebase-database.html
Upvotes: 0
Related Questions
- Firebase Realtime database Rules Groups with shared data
- Firebase Storage Security Rules for Groups
- Understanding Basic Firebase Security Rules on Firebase
- Firestore Security Rules for Query with Array Contains
- User and group permissions in firebase security rules
- How can I configure Firebase Security Rules to only allow writes from a CURL/PHP source?
- Firebase: set security rules depending on user roles
- Are Firebase Security Rules validations atomic?