To accomplish this, simply disable reading at the root or list-level of your Firebase, but permit reading at the specific room level:
{
".read": "false",
".write": "false",
"chat-rooms": {
"$guid": {
".read": "true"
}
}
}
Pergunta
TL;DR;
users can't read/write at root/chat-rooms/
users can read/write at root/chat-rooms/guid-id
Full version:
I have the following Firebase structure:
root > chat-rooms > room-id-guid (1000+) > messages under each room-id-guid
I don't want my users to authenticate with user/pass; as long as you can get into the room through the UI (links are generated on the server, and only a couple of rooms are available to any given user), you can read/write.
What I don't want is for users to be able to list all of the room-id-guids (e.g. through the developer console) and read/write to the room bypassing the UI.
Is this possible?
Solução
To accomplish this, simply disable reading at the root or list-level of your Firebase, but permit reading at the specific room level:
{
".read": "false",
".write": "false",
"chat-rooms": {
"$guid": {
".read": "true"
}
}
}