Menu
I have read through Firebase Documentation and do not understand what is .contains().
Below are the sample rules for Firebase Database in the documentation:
{
"rules": {
"rooms": {
"$room_id": {
"topic": {
// the room's topic can be changed if the room id has "public" in it
".write": "$room_id.contains('public')"
}
}
}
}
}
May I know what is this $room_id.contains('public')?
Is it referred to the child of $room_id?
235
Basic write operations Using set() overwrites data at the specified location, including any child nodes.
Firebase Realtime Database Security Rules determine who has read and write access to your database, how your data is structured, and what indexes exist. These rules live on the Firebase servers and are enforced automatically at all times. Every read and write request will only be completed if your rules allow it.
Default rules: Locked mode When you create a database or storage instance in the Firebase console, you choose whether your Firebase Security Rules restrict access to your data (Locked mode) or allow anyone access (Test mode).
Open the Firebase console and select your project. Then, from the product navigation, do one of the following: Select Realtime Database, Cloud Firestore, or Storage, as appropriate, then click Rules to navigate to the Rules editor.
$room_id is the matched wildcard key name that appears as the parent of "topic". The rule is allowing writes only if that key name contains the string "public" anywhere in it.
So, if anyone tried to change the value of /rooms/public_roomid/topic to some value, that would be allowed. However, a write of /rooms/roomid/topic would be rejected.
167
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
