CODEWITHSUNDEEP
firebasefirebase-realtime-databasefirebase-security
Kegham K.
Kegham K.

Reputation: 1614

Need to add a rule in Firebase DB

I want to add a rule to limit the max int that could be saved in the no_of_orders field to 2. The OrderSchedule document data is pre-populated via the app I'm developing.

Here is the jsonExport data.

    {
  "OrderSchedule" : {
    "13-Oct-2016" : {
      "13:00 - 14:00" : {
        "no_of_orders" : 4
      }
    }
  },
  "Orders" : {
    "-KTpIn4HeuDBDliCnTSA" : {
      "car_Model" : "Van",
      "date_Created" : 1476212105,
      "date_Scheduled" : "13-Oct-2016",
      "service_Type" : "Shine",
      "status" : "Scheduled",
      "time_Scheduled" : "13:00 - 14:00",
      "uid" : "sms|57f7b267e618d33da23e65ce"
    },
    "-KTpJ6BREc695pv4Ue6s" : {
      "car_Model" : "SUV",
      "date_Created" : 1476212188,
      "date_Scheduled" : "13-Oct-2016",
      "service_Type" : "Detailed",
      "status" : "Scheduled",
      "time_Scheduled" : "13:00 - 14:00",
      "uid" : "sms|57f7b267e618d33da23e65ce"
  },
  "users" : {
    "sms|57f7b267e618d33da23e65ce" : {
      "created_at" : 1475868493,
      "email" : "[email protected]",
      "phone" : "+0000000000",
      "username" : "balouza"
    },
    "sms|57fa9701e618d33da240efa5" : {
      "created_at" : 1476040501,
      "email" : "[email protected]",
      "phone" : "+00000000000",
      "username" : "bolzo"
    }
  }
}

Security rules:

{
  "rules": {
    ".read": "auth != null",
    ".write": "auth != null",
      "max": {
        ".write": "auth != null"
      },
        ".OrderSchedule": {
          "$date": {
            "$timeSlot": {
              "no_of_orders": {
                ".validate": "newData.val() <= root.child('max').val()"
              }
            }
          }
        }
   }
}

Screenshot of firebase db

Upvotes: 1

Views: 635

Answers (1)

Dravidian
Dravidian

Reputation: 9945

Save a parent node key-value pair in your Database.

{
   max : 2, 
   "OrderSchedule" : {
     "13-Oct-2016" : {
       "13:00 - 14:00" : {
         "no_of_orders" : 4
       }
     }
    },
    "Orders" : {
    "-KTpIn4HeuDBDliCnTSA" : {
      "car_Model" : "Van",
      "date_Created" : 1476212105,
      "date_Scheduled" : "13-Oct-2016",
      "service_Type" : "Shine",
      "status" : "Scheduled",
      "time_Scheduled" : "13:00 - 14:00",
      "uid" : "sms|57f7b267e618d33da23e65ce"
         },  
       ...

    }

In your security rules just add :- 

  {
  "rules": {
   "max" : {
     ".write" : "false"
     },
    "OrderSchedule": {
      "$date":{
       "$timeInterval":{
          "no_of_orders":{
            ".validate": "newData.val() <= root.child('max').val()"
          } 
       }
     }
    }
  }
}

And if you want only the authenticated users to read and write in your database , use these :- 

{
  "rules": {
    ".read": "auth != null", 
    ".write": "auth != null",
    "max" : {
     ".write" : "false"
     }, 
    "OrderSchedule": {
      "$date":{
       "$timeInterval":{
          "no_of_orders":{
            ".validate": "newData.val() <= root.child('max').val()"
          } 
       }
     }
    }
  }
}

Upvotes: 1

Related Questions