Firebase rules with custom IDs on nodes












0















I've been trying to create some rules for my firebase database, but it seems like I'm hitting a brick wall or (hopefully) there's just some point I'm not getting.



My data structure looks something like this:



units
<custom user id eg. 1234>
unit1
unit2
...
users
<custom user id eg. 1234>
name
email
phone
...
node3
<custom user id eg. 1234>
object1
object2
...


What I'd like to do is create rules that will only allow the user with ID 1234 (which is obviously different than the user's uid in Firebase authentication) to access his nodes.



Is there some way I can achieve this?










share|improve this question




















  • 2





    Have you read the documentation? There is a page on per-user security rules. It describes everything you need to know. firebase.google.com/docs/database/security/user-security

    – Doug Stevenson
    Nov 28 '18 at 13:38











  • The thing is, it doesn't seem to work when I've created the nodes with "custom" ids rather than let firebase create them dynamically?

    – foamy
    Nov 28 '18 at 13:48






  • 2





    Edit the question to show the rules that don't work the way you expect, along with the code that accesses your database. You'll need to make it clear to us what exactly does not work.

    – Doug Stevenson
    Nov 28 '18 at 13:59
















0















I've been trying to create some rules for my firebase database, but it seems like I'm hitting a brick wall or (hopefully) there's just some point I'm not getting.



My data structure looks something like this:



units
<custom user id eg. 1234>
unit1
unit2
...
users
<custom user id eg. 1234>
name
email
phone
...
node3
<custom user id eg. 1234>
object1
object2
...


What I'd like to do is create rules that will only allow the user with ID 1234 (which is obviously different than the user's uid in Firebase authentication) to access his nodes.



Is there some way I can achieve this?










share|improve this question




















  • 2





    Have you read the documentation? There is a page on per-user security rules. It describes everything you need to know. firebase.google.com/docs/database/security/user-security

    – Doug Stevenson
    Nov 28 '18 at 13:38











  • The thing is, it doesn't seem to work when I've created the nodes with "custom" ids rather than let firebase create them dynamically?

    – foamy
    Nov 28 '18 at 13:48






  • 2





    Edit the question to show the rules that don't work the way you expect, along with the code that accesses your database. You'll need to make it clear to us what exactly does not work.

    – Doug Stevenson
    Nov 28 '18 at 13:59














0












0








0








I've been trying to create some rules for my firebase database, but it seems like I'm hitting a brick wall or (hopefully) there's just some point I'm not getting.



My data structure looks something like this:



units
<custom user id eg. 1234>
unit1
unit2
...
users
<custom user id eg. 1234>
name
email
phone
...
node3
<custom user id eg. 1234>
object1
object2
...


What I'd like to do is create rules that will only allow the user with ID 1234 (which is obviously different than the user's uid in Firebase authentication) to access his nodes.



Is there some way I can achieve this?










share|improve this question
















I've been trying to create some rules for my firebase database, but it seems like I'm hitting a brick wall or (hopefully) there's just some point I'm not getting.



My data structure looks something like this:



units
<custom user id eg. 1234>
unit1
unit2
...
users
<custom user id eg. 1234>
name
email
phone
...
node3
<custom user id eg. 1234>
object1
object2
...


What I'd like to do is create rules that will only allow the user with ID 1234 (which is obviously different than the user's uid in Firebase authentication) to access his nodes.



Is there some way I can achieve this?







firebase firebase-realtime-database firebase-security-rules






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 28 '18 at 13:44









Doug Stevenson

81.9k997115




81.9k997115










asked Nov 28 '18 at 13:18









foamyfoamy

4101612




4101612








  • 2





    Have you read the documentation? There is a page on per-user security rules. It describes everything you need to know. firebase.google.com/docs/database/security/user-security

    – Doug Stevenson
    Nov 28 '18 at 13:38











  • The thing is, it doesn't seem to work when I've created the nodes with "custom" ids rather than let firebase create them dynamically?

    – foamy
    Nov 28 '18 at 13:48






  • 2





    Edit the question to show the rules that don't work the way you expect, along with the code that accesses your database. You'll need to make it clear to us what exactly does not work.

    – Doug Stevenson
    Nov 28 '18 at 13:59














  • 2





    Have you read the documentation? There is a page on per-user security rules. It describes everything you need to know. firebase.google.com/docs/database/security/user-security

    – Doug Stevenson
    Nov 28 '18 at 13:38











  • The thing is, it doesn't seem to work when I've created the nodes with "custom" ids rather than let firebase create them dynamically?

    – foamy
    Nov 28 '18 at 13:48






  • 2





    Edit the question to show the rules that don't work the way you expect, along with the code that accesses your database. You'll need to make it clear to us what exactly does not work.

    – Doug Stevenson
    Nov 28 '18 at 13:59








2




2





Have you read the documentation? There is a page on per-user security rules. It describes everything you need to know. firebase.google.com/docs/database/security/user-security

– Doug Stevenson
Nov 28 '18 at 13:38





Have you read the documentation? There is a page on per-user security rules. It describes everything you need to know. firebase.google.com/docs/database/security/user-security

– Doug Stevenson
Nov 28 '18 at 13:38













The thing is, it doesn't seem to work when I've created the nodes with "custom" ids rather than let firebase create them dynamically?

– foamy
Nov 28 '18 at 13:48





The thing is, it doesn't seem to work when I've created the nodes with "custom" ids rather than let firebase create them dynamically?

– foamy
Nov 28 '18 at 13:48




2




2





Edit the question to show the rules that don't work the way you expect, along with the code that accesses your database. You'll need to make it clear to us what exactly does not work.

– Doug Stevenson
Nov 28 '18 at 13:59





Edit the question to show the rules that don't work the way you expect, along with the code that accesses your database. You'll need to make it clear to us what exactly does not work.

– Doug Stevenson
Nov 28 '18 at 13:59












1 Answer
1






active

oldest

votes


















1














I am not sure why are you not using Firebase Authentication user UID instead of custom UID but ok :)



If you have mapping somewhere in your database between Firebase Authentication UID and your custom UID (e.g. you have saved Firebase Auth UID for user 1234 in mapping/1234/authUID), then you can write the database rule like this:



"users": {
"$customUserUid": {
".write": "root.child('mapping').child($customUserUid).child('authUID').val() === auth.uid"
}
}





share|improve this answer
























  • This seems like just the hint I need, many thanks! :) EDIT: The reason behind the custom UIDs is unfortunately out of my hands

    – foamy
    Nov 28 '18 at 14:06













Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53520386%2ffirebase-rules-with-custom-ids-on-nodes%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









1














I am not sure why are you not using Firebase Authentication user UID instead of custom UID but ok :)



If you have mapping somewhere in your database between Firebase Authentication UID and your custom UID (e.g. you have saved Firebase Auth UID for user 1234 in mapping/1234/authUID), then you can write the database rule like this:



"users": {
"$customUserUid": {
".write": "root.child('mapping').child($customUserUid).child('authUID').val() === auth.uid"
}
}





share|improve this answer
























  • This seems like just the hint I need, many thanks! :) EDIT: The reason behind the custom UIDs is unfortunately out of my hands

    – foamy
    Nov 28 '18 at 14:06


















1














I am not sure why are you not using Firebase Authentication user UID instead of custom UID but ok :)



If you have mapping somewhere in your database between Firebase Authentication UID and your custom UID (e.g. you have saved Firebase Auth UID for user 1234 in mapping/1234/authUID), then you can write the database rule like this:



"users": {
"$customUserUid": {
".write": "root.child('mapping').child($customUserUid).child('authUID').val() === auth.uid"
}
}





share|improve this answer
























  • This seems like just the hint I need, many thanks! :) EDIT: The reason behind the custom UIDs is unfortunately out of my hands

    – foamy
    Nov 28 '18 at 14:06
















1












1








1







I am not sure why are you not using Firebase Authentication user UID instead of custom UID but ok :)



If you have mapping somewhere in your database between Firebase Authentication UID and your custom UID (e.g. you have saved Firebase Auth UID for user 1234 in mapping/1234/authUID), then you can write the database rule like this:



"users": {
"$customUserUid": {
".write": "root.child('mapping').child($customUserUid).child('authUID').val() === auth.uid"
}
}





share|improve this answer













I am not sure why are you not using Firebase Authentication user UID instead of custom UID but ok :)



If you have mapping somewhere in your database between Firebase Authentication UID and your custom UID (e.g. you have saved Firebase Auth UID for user 1234 in mapping/1234/authUID), then you can write the database rule like this:



"users": {
"$customUserUid": {
".write": "root.child('mapping').child($customUserUid).child('authUID').val() === auth.uid"
}
}






share|improve this answer












share|improve this answer



share|improve this answer










answered Nov 28 '18 at 14:00









Revolution88Revolution88

650511




650511













  • This seems like just the hint I need, many thanks! :) EDIT: The reason behind the custom UIDs is unfortunately out of my hands

    – foamy
    Nov 28 '18 at 14:06





















  • This seems like just the hint I need, many thanks! :) EDIT: The reason behind the custom UIDs is unfortunately out of my hands

    – foamy
    Nov 28 '18 at 14:06



















This seems like just the hint I need, many thanks! :) EDIT: The reason behind the custom UIDs is unfortunately out of my hands

– foamy
Nov 28 '18 at 14:06







This seems like just the hint I need, many thanks! :) EDIT: The reason behind the custom UIDs is unfortunately out of my hands

– foamy
Nov 28 '18 at 14:06






















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53520386%2ffirebase-rules-with-custom-ids-on-nodes%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

A CLEAN and SIMPLE way to add appendices to Table of Contents and bookmarks

Calculate evaluation metrics using cross_val_predict sklearn

Insert data from modal to MySQL (multiple modal on website)