CODEWITHSUNDEEP
angularfirebaseionic-framework
t0nty
t0nty

Reputation: 153

firebase rules for each user to write & read his own data

tried looking for it on web but can't get this solution.. I got a firebase DB on my app and want to each user (auth) to be able to read and write only his own data. got page in my app that generate the data that the user input but didn't get how to manage the rules so only the user itself could see and edit the data.

here are the rules:

{
"rules": {
".read": "auth != null",
".write": "auth != null"
  }
}

default ones! what can I do?

Working with ionic framework

Upvotes: 2

Views: 674

Answers (2)

Al-Mothafar
Al-Mothafar

Reputation: 8219

You can do something like this:

{
  "rules": {
      ".read": "auth.uid == $uid",
      ".write": "auth.uid == $uid"
  }
}

As for example:

{
  "rules": {
    "usersData": {
      "profiles": {
        "$uid": {
          ".read": "auth.uid == $uid",
          ".write": "auth.uid == $uid"
        }
      }
    }
  }
}

in this example, the user can only write into his account under path /usersData/profiles/[USER'S_AUTH_UID]/ with this the user can't read root path, can't see any profiles, and can't write to any node, except his own one.

Edit: Also, there is a tool from firebase called Bolt this should be helpful making things easier and easier to maintain, also make advanced rules a lot simpler to implement, look at their Guide here

Upvotes: 2

Greg_M
Greg_M

Reputation: 615

You should check this Firebase - secure user data

match /users/{userId} {
  allow read: if request.auth.uid == userId;
  allow write: if request.auth.uid == userId;
}

In this case each user have own db. Just push some data to this ref /users/{userId}

Upvotes: -1

Related Questions