0

I'm trying to set read access to the data the own user writes in firebase realtime database.

I'm giving to each firebase entry what I though was the uid for that entry this way in the code:

final DatabaseReference ref = FirebaseDatabase.getInstance().getReference().child("Chat").child(myId));

But the following code doesn't work in firebase realtime database:

{
  "rules": {
    "Chat": {
      "$uid": {
        ".read": "$uid === auth.uid",
        (more code here)
      }
    }
  }
}

I'm using anonymous signing to log in into firebase, maybe that's the reason it doesn't recognize it as an uid, or maybe it's just that this is not an uid.

Which would be the firebase rule for this case? I guess that by changing the "$uid" for "$whatever_this_field_is_understood_by firebase_rules" it would work.

Is this possible to do?

PD: Per Frank van Puffelen request I'm describing what my realtime database structure is:

Level1

  Level2 (The one corresponding to "Chat")

    Level3.1 (this one should match with the id, it's named with its name)

     Level4 (field 1)

     Level4 (field 2)

     Level4 (field 3)

    Level3.2

     Level4 (field 1)

     Level4 (field 2)

     Level4 (field 3)

On the other hand I think I've found a solution by changing the rule to ".read": "$uid === $uid", but I'm unable to test it properly.

I want to check that if an user with the $uid being, for example "222" tried to access the field 1 of the one with "111" it would be impossible, but I'm unable to find a way to do this in code as a test.

Could someone confirm that this is the way it would be correct or how could I make the mentioned test?

Yashovardhan99
  • 887
  • 11
  • 26
mylket
  • 147
  • 7
  • 1
    Did you try testing it with the simulator? Because in the simulator you can test with anonymous auth and it gives the same uid for testing. Also it's case sensitive so make sure that Chat is not chat. – Simon Cadieux Apr 04 '19 at 12:19
  • @SimonCadieux, I hadn't tested with emulator, but i have now and it says that the operation is denied, "Chat" is correct. – mylket Apr 04 '19 at 12:26
  • Please update your question to include: 1) the JSON that you're trying to read, 2) the code that is trying to read and getting rejected. – Frank van Puffelen Apr 04 '19 at 13:35
  • @Frank van Puffelen, what JSON? I guess you are refering to the structure of the registries that get inserted in firebase realtime database, ok I'll put it, what is being rejected is the ".read": "$uid === auth.uid", I guess do to that being an incorrect rule. – mylket Apr 04 '19 at 18:11
  • 1
    Instead of mentioning your database structure in that manner. You better export it and paste it in the question so that people can copy paste your real-time database into their project and try.. [Click me for how to export Realtime db](https://stackoverflow.com/a/47182298/10953546) – Fire-In-D-Hole Apr 04 '19 at 18:27

0 Answers0