angularjs - How to allow read/write objects only to authenticated user with Firebase? -


i trying make simple test of storing notes objects in firebase, user security rules ensure notes can read , write author.

here data stored in firebase looks like:

my_firebase_db - notes     - k835tw_h28xxb-sj4b         - text: "note 1 author 1",         - user_id: "11b09925-534b-4955-ac55-3e234809432f"     - k835tw_h28xxb-sj4b         - text: "note 1 author 2",         - user_id: "11b09925-534b-4955-ac55-4d223893382c"     - k835tw_h28xxb-sj4b         - text: "note 2 author 2",         - user_id: "11b09925-534b-4955-ac55-4d223893382c"

angular code (angularfire) authenticates user custom token, load notes , method add note:

var ref = new firebase("https://xxx.firebaseio.com"); // authenticate users custom authentication token $firebaseauth(ref).$authwithcustomtoken(data.token).then(function(authdata) {       console.log("logged in as:", authdata.uid);       $scope.user_id = authdata.uid; }).catch(function(error) {       console.error("authentication failed:", error); });  // load notes $scope.notes = $firebasearray(ref.child('notes'));  $scope.addnote = function() {   note = {       user_id: $scope.user_id,       text: $scope.newnote.text   };   $scope.notes.$add(note); };

security & rules setup in firebase:

{   "rules": {     "notes": {       ".read": "auth != null && data.child('user_id').val() === auth.uid",       ".write": "auth != null && newdata.child('user_id').val() === auth.uid"     }   } }

with these rules, read & write not allowed.

if change rules this, read & write allowed (but authors can read everybody's notes):

{   "rules": {     "notes": {       ".read": "auth != null",       ".write": "auth != null"     }   } }

how can write security rule in firebase allow authenticated user read & write own notes?

turns out answer here: "rules not filters".


Comments

Post a Comment

Popular posts from this blog

get url and add instance to a model with prefilled foreign key :django admin -

Image
i have page in each contest shown in row. each row contains contest id , link other model names have foreign key contest. news model: class news(models.model): title = models.charfield(max_length=50, null=true) description = models.textfield() time = models.timefield( default= datetime.datetime.now().time()) contest = models.foreignkey(contest) i want use admin adding , changing these models. want when user clicks on 'news' has foreign key contest id=1, shows list of news value foreign key. use {% instance in instances %} <tr class="{% cycle 'row1' 'row2' %}"> <td>{{ instance.title }}</td> <td>{{ instance.starttime }}</td> <td>{{ instance.timespan }}</td> <td>{{ instance.date }}</td> <td><a href="/adm...
Read more

css - Make div keyboard-scrollable in jQuery Mobile? -

from can tell, although jquery-mobile-powered pages can contain divs overflow set scroll or auto, , these divs can scrolled one-screen bar or mouse wheel, cannot scrolled using arrow keys, page-up/page-down, or home/end. instead, official "page" div (with data-role="page") absorbs input. perhaps other divs can't acquire focus, i'm not sure. is there way around this? edit: jsfiddle of simple example: https://jsfiddle.net/qogz0shx/ <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script> <script src="https://ajax.googleapis.com/ajax/libs/jquerymobile/1.4.5/jquery.mobile.min.js"> </script> <link rel="stylesheet" href="https://code.jquery.com/mobile/1.4.5/jquery.mobile-1.4.5.css"/> <style> #outer { overflow:scroll; height: 50vh; width: 50vw; } #inner { height: 500vh; width: 500vw; } ...
Read more

android - Keyboard hides my half of edit-text and button below it even in scroll view -

i having trouble keyboard covers edit-text , half of button in scroll view. here's layout , please tell me how should resolve problem. many questions on topic none of them s working me. <?xml version="1.0" encoding="utf-8"?> <linearlayout xmlns:android="http://schemas.android.com/apk/res/android" android:layout_width="match_parent" android:background="@drawable/bg" android:layout_height="match_parent"> <scrollview android:layout_width="match_parent" android:fillviewport="true" android:layout_height="match_parent"> <relativelayout android:layout_width="match_parent" android:layout_height="wrap_content" android:orientation="vertical"> <linearlayout android:layout_width="match_parent" android:layout_height="w...
Read more