Reputation: 2687
Too easy to delete whole database
Is there a way to protect the database from deletion? I mean it's very easy to click on the "x" next to the root node. This would destroy the whole app and cause an enourmous mess to deal with.
How to deal with this fragility?
EDIT:
Let's assume I have two firebase accounts: one for testing and one for the launched app. I regularly log in and out to use the other one. On the test account I delete whole nodes on a regular basis. An activated password protection would avoid a very expensive confusion of the two accounts.
Upvotes: 2
Views: 196
Answers (1)
Reputation: 599041
If you give a user edit access to the Firebase Console of your project, the user is assumed to be an administrator of the database. This means they can perform any write operation to the database they want and are not tied to your security rules.
As a developer you probably often use this fact to make changes to your data structure while developing the app. For application administrators, you should probably create a custom administrative dashboard, where they can only perform the actions that your code allows.
There is no way to remove specific permissions, such as limiting the amount of data they can remove. It could be a useful feature request, so I suggest posting it here. But at the moment: if you don't trust users to be careful enough with your data, you should not give them access to the console.
As Travis said: setting up backups may be a good way to counter some of this anxiety.
Upvotes: 1
Related Questions
- How to remove all data from a Firebase database?
- How to delete from firebase realtime database?
- How to delete many of data in "Realtime Database"
- Delete node from firebase database
- delete from firebase real time database
- Deleting of firebase real-time database is not working in web
- How to prevent delete database from console?
- Deleting Firebase Database on new design
- Deleting firebase data from a web application
- Android Firebase Database : Delete