0

I have a problem setting security rules in Firebase. I have this structure:

"notes": {
"1": {
    "userId": "user_1",
    "text": "note text"
},
"2": {
    "userId": "user_1",
    "text": "another note"
},
"3": {
    "userId": "user_2",
    "text": "some note text"
},
"4": {
    "userId": "user_3",
    "text": "something"
}
}

I want to retrieve all notes, for logged in user by his auth.uid variable in security rules. When user with uid user_1 is logged in, and call 

ref.on("notes", function...)

I want he will get only his notes. How to set rules for it?

Vlado
  • 1,052
  • 10
  • 8
  • Security rules don't work like filters -- you should be querying your data in a way such that only the notes for the logged in user are returned, and not the whole list. Take a look at the docs for [Securing Your Data](https://www.firebase.com/docs/security/guide/securing-data.html), specifically, the [Rules are not Filters](https://www.firebase.com/docs/security/guide/securing-data.html#section-filter) section. – sbolel Mar 26 '16 at 21:28
  • Or read [this great answer by one of the Firebase leads](http://stackoverflow.com/a/14298525/209103). – Frank van Puffelen Mar 26 '16 at 23:02

0 Answers0