-
Notifications
You must be signed in to change notification settings - Fork 108
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Properties with only read/write false rules are omitted - even if sibling to wildcard property. #97
Comments
Just an update with a temporary workaround, for now i'm using the following statement to emulate the "false".
which will translate to
Since firebase will parse the value inside the ".read" and ".write" attributes, the statement "1==0" will be falsy. |
Firebase is read==false and write==false by default, so there is no need for this. |
There is a need for this. I want to make only one key un-readable and un-writable, but every sibling key readable and writable when authed. @fabiozaffani's workaround makes this possible, but compiling |
write() = false is a NO-OP in Firebase (JSON) rules. This is because all write rules are OR-ed together in the hierarchy - there is no way to make a child property unwritable when it has already been made writable by a parent rule. |
I'm not talking about parent keys, but siblings.
I want to make
Which makes every key (including I've realized that our model was actually different, so this doesn't affect me now. But it could certainly match a future use-case. The best solution I can see would be to correctly compile |
Ah! Now I see - thanks for the example. Since someKey is omitted (by Bolt), it is shadowed by a sibling WILDCARD rule! You current example compiles to:
What is wanted is:
|
Uh, then I'm confused. From my understanding, {
"parent": {
"this_is_a_key": "foo",
"someKey": "bar",
"this_is_another_key": "baz"
}
} then all three keys ( Am I missing something? |
(I edited my last response - I get it now!) |
Ah yes, exactly. :) |
Another work-around is to apply a type to someKey - which will emit a node for it in the JSON tree:
Generates
|
Enable generating .read/.write false rules for case where property is sibling of wildcard. Fixes issue #97.
Firebase work in a permissive mode by default (everyone allowed to read and write anything) I always set the paths and objects to read and write to false. However doing that inside a *.bolt file will translate to nothing. Let's use the following rules as an example:
Nothing get's generated in the resulting json file, the desired effect, however, should be
The text was updated successfully, but these errors were encountered: