1

I have 3 users which is for admin, manager and user. How can i create a role based function in firebase? Where admin can view, write certain page, manager can read, write, edit, while user can only read? on my database firebase (realtime) i changed to this rules:-

{
  "rules": {
    "users": {
      "$uid": {
        ".read": "$uid === auth.uid",
        ".write": "$uid === auth.uid"
      }
    }
  }
}

I'm stuck with this. i managed to create an account but its not restrict to pages. how can i change it? Please help me

Frank van Puffelen
  • 565,676
  • 79
  • 828
  • 807
user10241925
  • 31
  • 4

1 Answers1

1

See Control Access with Custom Claims and Security Rules

The Firebase Admin SDK supports defining custom attributes on user accounts. This provides the ability to implement various access control strategies, including role-based access control, in Firebase apps. These custom attributes can give users different levels of access (roles), which are enforced in an application's security rules.

{
  "rules": {
    "adminContent": {
      ".read": "auth.token.admin === true",
      ".write": "auth.token.admin === true",
    }
  }
}
Ronnie Royston
  • 16,778
  • 6
  • 77
  • 91