0

I have the following rule set for events:

  "events": {
  ".indexOn": ["startTime"],
    "$eventId" : {
      ".read":  "auth != null && data.child($eventId+'/startTime').val() < (now + 86400000)",
      ".write": "auth != null && data.exists() && auth.uid === data.child('uid').val() || auth != null && root.child('proUsers/'+auth.uid).exists()"          
    }
}

My intention was to limit read for all events to events that have startTime less than tomorrow. Thus I set a listener using .on() with "value like so:

database.ref('events').orderByChild('startTime').on('value', (snapshot) => { console.log(snapshot.val())}

however I get nothing, error occurs. Whats wrong with my rule. I did not want to set the ".read": "auth != null" right below events since rules cascade.

Update: According to Restricting child/field access with security rules, I need to store a separate list of all approved to view events and set a read rule on that, but the problem is that in my case approved list changes according to the startTime value, thus it needs to happen automatically thus that solution does not work for me.

Community
  • 1
  • 1
jasan
  • 11,475
  • 22
  • 57
  • 97
  • 1
    It looks like you are trying to use security rules to filter data: http://stackoverflow.com/a/14298525/6680611 – cartant Oct 03 '16 at 08:40
  • So security rules don't filter data but So how can i limit so the one segment of users cannot view events more than 24 hours away? How can I make an activeList of events since it can update every second. – jasan Oct 03 '16 at 09:17
  • You'll need to store the relevant items (or their keys) in a list where the users have access to the list itself. Typically you do this by adding an extra "index", similar to `groups` in the [Firebase documentation on creating data that scales](https://firebase.google.com/docs/database/android/structure-data#fanout). – Frank van Puffelen Oct 03 '16 at 13:40

0 Answers0