2

Here is my rules and security model : 

    {
        "rules": {
          "users": {   
            ".read" : "true",
            ".write" : "auth != null && data.val()===null",
            "$uid": {
              ".write" : "auth != null && auth.uid==$uid || data.val()===null"
            }
          }
    }
}

This a firebase for a mobile app. Imagine the $UID has a branch named RATING. I don't want one authentifed user can update this information. How can I prevent it ? I could do maybe this by adding this line : 

"rating": {
       ".write": "false"
        }

But in this case how can the app update the rating ?

I'm stuck on it, please give me some help cos I don't understand how I can write in firebase from a server side (like firebase hosting or webscript.io).

And forgive me this question if you think it's a stupid one.

Runfast Webmaster
  • 319
  • 4
  • 13
  • What you suggest won't work, because you set write to true before and it won't change it back to false. Can you make clear what a user can change and who (or what) else can change the rest? – André Kool Dec 14 '15 at 14:55
  • 1
    Take a look at: http://stackoverflow.com/questions/29240940/how-do-you-authenticate-a-server-to-firebase. Maybe that answers your question? – André Kool Dec 14 '15 at 15:01
  • Hi André Kool,Thanks for your answer I'm going to try that. – Runfast Webmaster Dec 14 '15 at 15:06
  • Also have a look at this question from yesterday that deals with splitting the data that should be writable in a situation such as this: http://stackoverflow.com/questions/34241129/how-to-set-this-firebase-rules/34242083#34242083 – Frank van Puffelen Dec 14 '15 at 15:25
  • Frank, really interessting ! But in this case : how can I write to firebase ? I have to use one external server ? Can I use something as webscript.io or can I use the firebase hosting to run one script ? – Runfast Webmaster Dec 14 '15 at 15:33
  • Firebase currently doesn't offer a way for you to run your code on Firebase's servers. See http://stackoverflow.com/questions/31340542/how-to-write-custom-code-logic-when-using-firebase/31346677#31346677, http://stackoverflow.com/questions/22881973/can-i-host-a-listener-on-firebase – Frank van Puffelen Dec 14 '15 at 19:37

0 Answers0