0

I have an Agro App developed with Flutter and one Firebase RTDB project. From that database, I want to give web access to the public so that anyone can see (not write) certain information regarding the origin of the food produced.

Then, I would like to implement one of these options:

  1. To use the same database: Implement a new location in my database with public security rules
{
  "rules": {
    "newlocation": {
      ".read": true,
      ".write": false
    }
  }
}

Is it safe to do this? Is the rest of my database at risk?

OR

  1. To make a new Firebase project with public access.

Is it possible to write to two Firebase projects in the same App? Is it easy to implement and maintain?

What option do you consider safer and clearer?

David L
  • 1,134
  • 7
  • 35
  • If you're asking if you can access two Firebase Databases from one app, the answer is yes. I don't know your entire coding platform but check out [this question](https://stackoverflow.com/questions/49213879/how-to-access-multiple-firebase-databases-from-one-xcode-project). You can use rules to allow/deny access to any part of your database and it is as secure as you make the rules, so yes to part 1. – Jay Apr 12 '21 at 20:59
  • Thank you. What option (1 or 2) do you consider safer and clearer? – David L Apr 12 '21 at 21:07
  • It's hard to say without understanding the entire use case, and that would go beyond the scope of SO. However if the need to simply allow users to see data in a node but not be able to write to that node, that's what security rules are for in the first place; securing your data, so that's probably what I would do. – Jay Apr 12 '21 at 21:49

1 Answers1

0

This would work in general, but I would be hesitant to provide read access to your entire DB. You could limit the read access to specific paths. See an example taken from the docs https://firebase.google.com/docs/database/security

{
  "rules": {
    "foo": {
      ".read": true,
      ".write": false
    }
  }
}

If you're still worried about potential loss, take advantage of firebase's automated backups so you always have a fresh copy of your DB.

Daniel Carns
  • 1
  • 1