How to query Firebase Realtime Database to retrieve a list of items that multiple users have access to?

Question

Here's my database structure:

{
  items: {
    'aRandomUid1': {
      data: {
        name: 'theName'
      },
      users: {
        'userUid1': true,
        'userUid2': true
      }
    },

    'aRandomUid2': {
      data: {
        name: 'theName2'
      },
      users: {
        'userUid3': true
      }
    },
    'aRandomUid3': {
      data: {
        name: 'theName3'
      },
      users: {
        'userUid1': true,
        'userUid2': true
      }
    }
  }
}

I want to query all items that a user with uid 'userUid1' has access to:

firebase.database().ref('items')
.orderByChild(`users/${currentUserUid}`)
.equalTo(true)
.on('child_added', (data)=>{
    console.log(data.val())
})

Now, how can I add security rules to allow this query and prevent unauthorized access?