hi
in my application which allows to control who frequents the library I associate the name of the user and the link which points to his photo is this harmful ?
Is this harmfull in what way?
Are these rules for real time database, firestore?
Setting up Firebase rules can be a bit confusing at times.
Anything in terms or chapters only requires a user to be authenticated but in the user bucket, the current users is must match the bucket key they are trying to read/write to.
I like to store info under private keys in a users bucket like this
1 Like
Hi
This rules are for realtime database
1 Like
Hi
I agree with you except that connected is not my user bucket itās the place where I store the temporary info of people who are temporarily in the reading room
Are they required to read from it? If yes put something like read: auth != null and remove the write ability. Thus your users wont be able to write to the DB only read from it
hi
yes they are obliged to read and I would follow your recommendation delete the writing as if it were the user bucket
1 Like
hi
I donāt know where I was thinking in fact everyone can read the data and each user must be able to ādelete his presenceā in the reading room
I hope to find more appropriate rules
thanks for your support
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.