Is it possible to write more advanced paths, dependent on a certain condition, in the user_privacy.json file to delete user data through the clearData() cloud function?
More specifically, we have a rather complex database structure implemented in firebase realtime database, and we are trying to implement a way for the user to automatically initiate account deletion from our app clients, which will also clear the database of any user generated data.
For example, we have feed entries which are stored in path:
/feedEntries/feedEntryId
and we would like to delete the entire feed entry where the user id equals the content of the following path:
/feedEntries/feedEntryId/profileKey
We assume that if we just write the path as stated in the docs for the clearData function, it will only remove the contents of the profileKey entry of the feed entry in question:
"database": { "clearData": [ "/users/UID_VARIABLE", "/feedEntries/feedEntryId(?)/profileKey/UID_VARIABLE" ]
What should be in place of the feedEntryId, to represent a dynamic feed entry id, making it check all feed entries for the profileKey in question? Is it possible to make it delete the whole feed entry based on a comparison of the UID_VARIABLE and the contents of the "profileKey" entry?
If this is not possible, might we be able to achieve something similar, using db rules maybe?
Thanks in advance.
CodePudding user response:
1 . Proposition edit your rules to check if the user is allowed to delete : check if user token is the same user connected
match /anonymous/{anonymousId} {
allow delete: if request.auth != null && request.auth.uid == anonymousId;
}
2 . Proposition edit your rules to check if the user is allowed to delete: you can also match the uid with another document's data or property
match /items/{itemId} {
allow delete: if (get(/databases/$(database)/documents/userAdmin/$(request.auth.uid)).data.itemId == itemId
}
- Proposition use Cloud function transaction or batched writes, run forEach on collection and remove document one by one inside a single transaction, please find below link on documentation
Cloud function transaction, batched writes
CodePudding user response:
ok, you right ! no remove (aggregation) rule with real-time database only .write
however I'm sure you can solve your problem with transaction, the principe is to read what you want before update.
so you can read and check profileKey === feedEntryId, then you remove your item with update null or remove method
doc firebase realtime-database: transaction with real-time database