xrep
Reputation: 195
Firebase Security Rules -> prevent delete, write as unauthorized
I am trying to set Firebase security rules as:
- No one can read the data
- Anyone can write data, new record is under unique identifier
- No one can overwrite current data
- No one can delete data
The structure of the database is:
<db_name>
users
-L09I7kaAYExzzxB3N82 // this is unique ID generated by push()
....
My current rules are:
{
"rules": {
".read": "auth != null",
".write": "auth == null"
}
}
How to set it up?
Thanks!
Upvotes: 0
Views: 814
Answers (1)
Frank van Puffelen
Reputation: 599946
Something like this:
{
"rules": {
".read": false,
"users": {
"$uid": {
".write": "newData.exists() && !data.exists()"
}
}
}
}
I'd recommend reading the Firebase documentation, specifically the section on new data vs existing data.
Upvotes: 0
Related Questions
- Firebase Realtime Database prevent delete - based on condition
- Firebase Realtime Database Security Rules for prevent create/delete not working
- firebase security rule which will prevent the updation or deletion of existing node
- Allow delete and write with Firebase Rules
- Firebase Delete or a Create rule
- Firebase rules to prevent delete
- prevent "delete and update" a child in firebase
- Preventing Firebase deletions
- Firebase Security & Rules, How can I let users delete their own data?
- How to set security rules to prevent delete data in firebase?