Firebase rules: permission for each users to read node

0
votes

There are 2 nodes on Firebase Database, let say "NodeA" and "NodeB" that I want to set permission for.

Node "Users" will contain list of users that use the app, this node can be written to from the app. $userId will be key for each child node

Node "Permission" will contain permission for each user, this node MUST NOT be read or written to by users from the app. $userId is also be a key for each child, with value is 0 as default when users first get into the app.

Let say user1 just get into the app, I call a function to create a new user under "Users" node. And I use firebase functions to write a node with this $userId to "Permission" node.

This user1 can only read "NodeA", NOT "NodeB" until I set Permission.$userId value manually to 1.

How can I setup this rules in Firebase?

1
firebasefirebase-realtime-databasefirebase-securityrules
Great to hear that you figured it out. For future questions: instead of describing your data model, show the minimal actual JSON that you're working with. You can get this by clicking the "Export JSON" link in your Firebase Database console. Having the actual JSON makes it much easier to understand what you're doing. If you then also add the security rules that you've already tried, you're much more likely to get timely help. - Frank van Puffelen

1 Answers

0
votes

I finally found a way to do this. I need to authenticate user in order to get auth variable in RULES, and I use auth.uid to compare with the one I put manually in Permissions node to give correct permission