kkost
Reputation: 3740
Firebase database rules: how to make field readonly?
I want to take to user ability to create some JSON data in my DB but restrict the ability to edit it in future. How should I write my rules?
"users": {
// ".write": "auth != null",
"$userUid": {
".read": "auth != null && $userUid === auth.uid",
}
}
Upvotes: 0
Views: 770
Answers (1)
Frank van Puffelen
Reputation: 598837
To make something read-only, simply don't grant write permission on it.
To make something create-only, only allow writing it if there's no existing data:
".write": "!data.exists()"
To then also make it so that the user can only write under their own node:
"$uid": {
".write": "!data.exists() && auth.uid === $uid"
}
To make something create-or-delete, allow writing a value when there's no data, nor writing no value when there is data:
".write": "!data.exists() || !newData.exists()"
Upvotes: 2
Related Questions
- firebase security-rules write access to only one specific field
- Firebase rules, deny edits after initial write, write depend on value
- Block user writing to specific field within firebase table
- Firebase rules - read only value which was in query
- Firebase DB rules set to read only by owner
- How to only allow one field to be written in firebase realtime database security rules?
- Firebase rule - how to restrict value to boolean?
- firebase read/write rules on specific fields
- Firebase Make Existing Data Unmodifiable but can write and read new data
- Firebase security rules: Allow read on anything except one field