vishalforcode · February 13, 2017 12:27
diff --git a/data-structure.js b/data-structure.js
 /* 

 This example shows how you can use your data structure as a basis for 
 your Firebase security rules to implement role-based security. We store
 each user by their Twitter uid, and use the following simplistic approach
 for user roles:

 0 - GUEST
 10 - USER
 20 - MODERATOR
 99 - ADMINISTRATOR

 This file shows the data structure, and the security-rules file below 
 shows the corresponding security rules.

 */

 {
    "users": {
        "twitter:12345": {
            "full-name": "Sara Robinson",
            "username": "SRobTweets",
            "role-value": 10
        },
        "twitter:56789": {
            "full-name": "Michael 'Kato' Wulf",
            "username": "katowulf",
            "role-value": 20
        }
        ....
    },
    "rooms": {
        "public-room-1": {
            "users": {
                "twitter:56789": 20,
                "twitter:12345": 10
            }
        },
        "admin-only-room": {
            "users": {
                "twitter:56789": 20
            }
        }
        ...
    },
    "messages": {
        "public-room-1": {
           -JVwTPcWMIt0J6Gbtrqh: {
                "user": "twitter:12345",
                "text": "Hello everyone!"
            }
            ...
        },
        "admin-only-room": {
            -JVwU5tLQRPbzXo4s_a1: {
                "user": "twitter:56789",
                "text": "This is a top secret message."
            }
            ...    
        }
    }
 }
diff --git a/security-rules.js b/security-rules.js
 {
    "rules": {
        ".read": true, 
        "users": {
          "$user": {
            //can add a message if authenticated
            ".write": "auth.uid === $user" 
          }
        }, 
        "rooms": {
            "$room": {
                "users": {
                    // can write to the users list only if ADMINISTRATOR
                    "$user": {
                        "write":"newData.parent().child(auth.uid).val() === 99"
                    }
                }
            }
        },
        "messages": {
          "$room": {
            "$message": { 
                //can add a message if they are a MEMBER
                ".write": "(!data.exists() && newData.exists() && root.child('rooms/' + $room + '/users/' + auth.uid).val() >= 10)"
            }
          }
        }
    }
 }
	/*

	This example shows how you can use your data structure as a basis for
	your Firebase security rules to implement role-based security. We store
	each user by their Twitter uid, and use the following simplistic approach
	for user roles:

	0 - GUEST
	10 - USER
	20 - MODERATOR
	99 - ADMINISTRATOR

	This file shows the data structure, and the security-rules file below
	shows the corresponding security rules.

	*/

	{
	"users": {
	"twitter:12345": {
	"full-name": "Sara Robinson",
	"username": "SRobTweets",
	"role-value": 10
	},
	"twitter:56789": {
	"full-name": "Michael 'Kato' Wulf",
	"username": "katowulf",
	"role-value": 20
	}
	....
	},
	"rooms": {
	"public-room-1": {
	"users": {
	"twitter:56789": 20,
	"twitter:12345": 10
	}
	},
	"admin-only-room": {
	"users": {
	"twitter:56789": 20
	}
	}
	...
	},
	"messages": {
	"public-room-1": {
	-JVwTPcWMIt0J6Gbtrqh: {
	"user": "twitter:12345",
	"text": "Hello everyone!"
	}
	...
	},
	"admin-only-room": {
	-JVwU5tLQRPbzXo4s_a1: {
	"user": "twitter:56789",
	"text": "This is a top secret message."
	}
	...
	}
	}
	}
	{
	"rules": {
	".read": true,
	"users": {
	"$user": {
	//can add a message if authenticated
	".write": "auth.uid === $user"
	}
	},
	"rooms": {
	"$room": {
	"users": {
	// can write to the users list only if ADMINISTRATOR
	"$user": {
	"write":"newData.parent().child(auth.uid).val() === 99"
	}
	}
	}
	},
	"messages": {
	"$room": {
	"$message": {
	//can add a message if they are a MEMBER
	".write": "(!data.exists() && newData.exists() && root.child('rooms/' + $room + '/users/' + auth.uid).val() >= 10)"
	}
	}
	}
	}
	}