Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Firebase Security Rules for .remove () method

Tags:

firebase

I want to restrict .remove() method on my data - only allowing the author/creator the ability to .remove the node. Is this possible?

I have the standard users tree and a pair of data trees geoFire and one named details. 'Details' has nodes that contain entries like timestamp and user (which matches auth.uid).

like image 421
Ronnie Royston Avatar asked Nov 03 '15 04:11

Ronnie Royston


People also ask

Where are the Firebase security rules?

Security rules reside outside of your app. You can set them up directly through the Firebase Console or through the Firebase CLI. Using Firebase Console : In your Firebase console, open the Firebase Database tab, there in the upper hand side you can choose the rules tab.

What security rules are used for when accessing Cloud Storage through the Firebase console?

Firebase Security Rules for Cloud Storage integrates with Firebase Authentication to provide powerful user based authentication to Cloud Storage. This allows for granular access control based on claims of a Firebase Authentication token. When an authenticated user performs a request against Cloud Storage, the request.

How many rules are you used to secure real time database?

The RTDB has only three rule types: . read.


1 Answers

A remove in Firebase means that you're writing no/empty data to a location that currently contains data:

".write": "!data.exists() || newData.exists()"

Quick table to ensure I got all of them:

data.     newData.
exists()  exists()  .write
--------+---------+--------
false     false     true
false     true      true
true      false     false
true      true      true
like image 133
Frank van Puffelen Avatar answered Oct 03 '22 01:10

Frank van Puffelen