I received a warning from Google (via e-mail) that the following realtime database rules are unsafe. It says that every authenticated user can write into the whole database, but I think that this is not true. Am I wrong?
The 'schema' has two database objects: 'items' and 'users'. The rules are as follows:
{
  "rules": {
    "items": {
      ".read": true,
      ".write": "root.child('users').child(auth.uid).child('roles').child('admin').val() == true"
    },
    "users": {
      ".read": true,
      ".write": false
    }
  }
}
Thanks and regards Simon
CodePudding user response:
I seem to be correct, and the write rules prevent some users from writing into the database, so the warning appears to be a false warning.
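An added example (not part of the original question or answer, and not Firebase's own rule engine): a small JavaScript model of how the posted rules evaluate for different callers, with the `.write` expression hand-translated into a function. The uids `alice` and `bob`, the sample data, and the helpers `val`, `allowed` and `writeMatrix` are constructed for illustration.

```javascript
// Constructed sample data; the uids "alice" and "bob" are made up.
const data = {
  users: { alice: { roles: { admin: true } }, bob: { roles: {} } },
  items: { item1: { name: "example" } },
};

// Read a path; returns null when missing, like .val() on an absent location.
function val(root, path) {
  let node = root;
  for (const key of path) {
    if (node === null || typeof node !== "object" || !(key in node)) return null;
    node = node[key];
  }
  return node;
}

// The posted rules. A null auth (unauthenticated caller) makes the admin
// check fail here, modelling a rule that cannot be evaluated as a denial.
const rules = {
  items: {
    ".read": () => true,
    ".write": (auth, root) =>
      auth !== null && val(root, ["users", auth.uid, "roles", "admin"]) === true,
  },
  users: { ".read": () => true, ".write": () => false },
};

// Walk from the root towards the target path. Access is granted as soon as a
// rule on the way evaluates to true; no matching rule means denied.
function allowed(op, auth, path) {
  let node = rules;
  const segments = path.split("/").filter(Boolean);
  for (let i = 0; i <= segments.length && node; i++) {
    const rule = node["." + op];
    if (rule && rule(auth, data) === true) return true;
    node = node[segments[i]];
  }
  return false;
}

// Write decisions for three callers against three paths.
function writeMatrix() {
  const callers = { anonymous: null, bob: { uid: "bob" }, alice: { uid: "alice" } };
  const out = {};
  for (const [name, auth] of Object.entries(callers))
    for (const p of ["items/item1", "users/bob/roles/admin", "other/x"])
      out[`${name} -> ${p}`] = allowed("write", auth, p);
  return out;
}
console.log(writeMatrix());
```

In this model only `alice` can write under `items`, no caller can write under `users` (so the `admin` flag cannot be set from a client), and both `.read: true` rules let unauthenticated callers read `items` and `users`.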