Home > OS >  How to set Firebase rules to allow only listed userid in a db to r/w in another database
How to set Firebase rules to allow only listed userid in a db to r/w in another database

Time:12-04

How to set Firebase rules to allow only listed userid in a db (or a key or node or subset of a db) to r/w in another key/subset of the same database?

This link only mentioned of w/r of the same node/key/subset of a db.

What I want to set is for example the following db :

'SomeDB' : { 
  'ListOfUsers': { 
    'key1' : { 'key': 'key1', 'name' : 'name1' }, 
    'key2' :  { 'key' : 'key2', 'name':'name2'}, 
    and so on... 
  }, 
  {'SomethingForWR': 'Some Database'}

The rules should be read and write is only allowed for 'SomethingForWR' (which is part of 'SomeDB') if the 'auth.uid' is equal to one or one of the keys in 'ListOfUsers' (which is also part of 'SomeDB')

CodePudding user response:

If you want to check if a key exists in ListOfUsers you can do so with:

root.child('ListOfUsers').child('keyYouWantToCheck').exists()

With that knowledge, your rule to allow a user access to SomethingForWR if their UID exists in ListOfUsers could be something like this:

{
  "rules": {
    ...
    "SomethingForWR": {
      ".read": "root.child('ListOfUsers').child(auth.uid).exists()"
    }
  }
}
  • Related