How to only allow one admin user to write Firebase Database?

12
votes

I am trying to set up a Firebase database that only I can write. So no user will have permission to write anything. But everyone will be able to read it.

However, I could not set up the rules for it. I have one admin user that I created using Email/Password login, and I know its UID. Let's say my UID is: dJrGShfgfd2

I tried these two methods, but they didn't allow me to write to database.

{
  "rules": {
    "events": {
      ".read": true,
      ".write": "auth.uid === 'dJrGShfgfd2'"
    }
  }
}

.

{
  "rules": {
    "users": {
      "$user_id": {
        ".read" : true,
        ".write": "$user_id === 'dJrGShfgfd2'"
      }
    }
  }
}

So how do I allow only one user with a specific UID to write anything to database?

1
firebasefirebase-realtime-databasefirebase-authenticationfirebase-security
The rules in the first snippet should be okay. They should grant write access to the events path for the admin and read access for others.cartant
Wait I dont have events path or something in my database. How do I define write rules that apply everywhere?yigitserin
You have events in your rules hierarchy. If there is no such key in the database, remove it and move the .read and .write up under rules.cartant
Answer below. If that doesn't work, share the minimal code that reproduces the problem: so the code that is allowed to write, that you don't want to be allowed.Frank van Puffelen

1 Answers

26
votes

This should work:

{
  "rules": {
    ".read": true,
    ".write": "auth.uid === 'dJrGShfgfd2'"
  }
}

Everyone in the world will be able to read the data, but only the user with UID dJrGShfgfd2 (and processes with administrative access) can write the data.