dabo248
Reputation: 3437
Firebase security rules with wildcards
I've got a data structure like this:
How can I access /Restaurant/-KK37k6g5cYYippEHpZ3/User/-KK37k6g5cYYippEHpZ4/id's value within the firebase security rules? The two push keys should be wildcards. I need something like this:
"Restaurant": {
"$id": {
".read": "auth.uid != null",
".write": "data.child($id).child('User').child($anotherWildcard).child('id').val() === auth.uid"
}
}
Upvotes: 3
Views: 2673
Answers (1)
adolfosrs
Reputation: 9389
Not sure if I fully understood what you are asking for but here goes my thoughts.
The first problem in your rule is that you are specifying child($id) but you already are inside the $id. it is implicit in your data that you are referring to $id.
To resolve your main problem you wont need another wildcard. You can just use hasChild to verify if the auth.uid is inside restaurant/user.
"Restaurant": {
"$id": {
".read": "auth.uid != null",
".write": "auth.uid != null && data.child('User').hasChild(auth.uid)"
}
}
Upvotes: 5
Related Questions
- Temporary Variables in Firebase Security rules
- Firebase Realtime Database Rules not Working
- FireBase Security Rules not working with auth.uid
- Firebase realtime database phone security rules
- Firebase Security Rules?
- Firebase Security Rules Block Writing to Firebase
- Using field in Firebase security rule that is not stored in data
- Firebase: set security rules depending on user roles