Reputation: 53600
How to grant write access to only a person within Rules?
I am little bit confused about setting permissions in Rules section of my Firebase database.
I am working on an app (which is a Book actually) and the app must be updated by only one person with this email address: [email protected]. Therefore the rest of people, either authenticated or not, must not be able to modify the contents, but they are allowed to read.
Upvotes: 0
Views: 80
Answers (1)
Reputation: 58400
If you look at the Firebase Security Rules API, you'll see that the user's email address (if there is one) is made available via auth.token.email.
So to grant write access to the entire database to the user with the [email protected] email address and read access to everyone else, you could define rules like this:
{
"rules": {
".read": true,
".write": "auth !== null && auth.token.email === '[email protected]'"
}
}
Said rules would grant read access to everyone. If you wanted to grant read access only to authenticated users, you could use:
{
"rules": {
".read": "auth !== null",
".write": "auth !== null && auth.token.email === '[email protected]'"
}
}
Upvotes: 1
Related Questions
- How to set the read and write rules for a specific user in Firebase Realtime Database?
- firebase security-rules write access to only one specific field
- How can I give write permission to a specified user in Firebase?
- Firebase rules: enable write on a specific node only for one user uid
- Firebase Realtime Database rules to allow a single user Write access
- firebase realtime db security rule to allow specific users
- Firebase Realtime Database read rule for specific user
- Set rule to allow unauthenticated users to only write new data in Firebase database
- Firebase rules to allow some user access
- firebase database rule allow read/write to specific users with specific info