Firebase sharing data with other users

戏子无情 提交于 2019-12-06 09:34:10

At first glance this seems like a reasonable starting point. I'd just replace the "values that are the same as the key" with a simple true, to save a few bytes of storage/bandwidth. Aside from that it's hard to give more "hard" advice without knowing all use-cases.

You might also want to consider a recent change: security rules can now validate queries, which means that you could potentially do without the /users/$uid/lists index. I recommend that you try this and see if it works for your use-case.

To allow read access to a list only to members of that list, these rules could be a starting point:

{
  "rules": {
    "lists": {
      "$listid": {
        "items": {
          ".read": "
            data.parent().child('members').child('admin').val() === auth.uid ||
            data.parent().child('members').child(auth.uid).exists()
          "
        }
      }
    }
  }
}

The first line of that .read rule grants read access to the admin. The second line then grants read access to all other users.

Finally: as always I recommend reading NoSQL data modeling and watching Firebase for SQL developers.

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!