So I'm setting up the Firebase security rules for my project, and for the user to have read access to a room, we need to make sure they are part of that organization. So I have a security rule like this:
root.child('organizations').child(data.child('organization_id').val()).child('user_ids').hasChild(auth.uid)
Not only is this really ugly, there are several other rules in the same statement (separated by &&/||) which start with root.child('organizations').child(data.child('organization_id').val())
to access data from the organization variable associated with this room.
This leads to some UGLY security rules. Is there any way I can make temporary variables or something like that so I can make this a lot more readable? Thank you!
Firebase Security Rules work by matching a pattern against database paths, and then applying custom conditions to allow access to data at those paths. All Rules across Firebase products have a path-matching component and a conditional statement allowing read or write access.
Admin SDK bypasses security rules. As you explore security rules in depth, you will eventually discover that requests from the Firebase Admin SDK are not gated by rules. The Admin SDK is initialized with a service account, which gives the SDK full access to your data.
Edit and update your rules: Open the Firebase console and select your project. Then, select Realtime Database, Cloud Firestore or Storage from the product navigation, then click Rules to navigate to the Rules editor. Edit your rules directly in the editor.
The RTDB has only three rule types: . read.
Nope. The Firebase Security rules language doesn't have support for custom variables. This indeed leads to lots of duplication between rules.
The best solution is to write your rules in a higher-level language that compiles into Firebase Security rules. The most well-known ones are Blaze (the grand-daddy of them all), Butane (not from Firebase itself) and Bolt (new and under very active development).
Bolt, for example, allows you to define (global) functions, which can easily encapsulate the repeated snippet and much more.
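The same idea as a small build step, for cases where adopting a full rules language is not wanted: named snippets are expanded into plain rule strings before the JSON is deployed. This is an added example, not part of the original question or answer and not code from Bolt, Blaze or Butane; the macro names, the `/rooms/$room_id` path, the `admin_ids` clause and the `auth != null` guard are assumptions.

```javascript
// Added example: "@name" macros expanded into plain RTDB rule strings.
// Assumptions: macro names, the /rooms/$room_id path, 'admin_ids', auth check.
const macros = {
  org: "root.child('organizations').child(data.child('organization_id').val())",
  isMember: "@org.child('user_ids').hasChild(auth.uid)", // the rule from the question
  isAdmin: "@org.child('admin_ids').hasChild(auth.uid)", // hypothetical second clause
  canRead: "@isMember || @isAdmin",
};

const source = {
  rules: {
    rooms: {
      $room_id: { ".read": "auth != null && @canRead" },
    },
  },
};

// Bodies containing boolean/comparison operators are parenthesised so that
// precedence survives substitution; plain call chains are inlined as-is.
const needsParens = (s) => /&&|\|\||[?<>=!]/.test(s);

// Expand every @name recursively. Unknown or cyclic macros throw, so a typo
// stops the build instead of reaching the deployed rules.
function expand(expr, defs, stack = []) {
  return expr.replace(/@([A-Za-z_]\w*)/g, (_, name) => {
    if (!Object.prototype.hasOwnProperty.call(defs, name))
      throw new Error(`undefined macro @${name}`);
    if (stack.includes(name)) throw new Error(`macro cycle at @${name}`);
    const body = expand(defs[name], defs, [...stack, name]);
    return needsParens(body) ? `(${body})` : body;
  });
}

// Walk the rules tree and expand every string leaf (.read, .write, .validate).
function compile(node, defs) {
  if (typeof node === "string") return expand(node, defs);
  if (Array.isArray(node)) return node.map((v) => compile(v, defs));
  if (node === null || typeof node !== "object") return node;
  return Object.fromEntries(
    Object.entries(node).map(([k, v]) => [k, compile(v, defs)])
  );
}

console.log(JSON.stringify(compile(source, macros), null, 2));
```

A literal `@` inside a rule string (an e-mail address, for instance) would be read as a macro and rejected, so choose a different sigil if your rules contain one.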