Why are these two identical sets of Firebase rules are working very differently? -
this set of rules working fine , giving output expected
{ "rules": { "intents" : { ".read" : "auth.uid === data.child('to').val()", ".write" : true }, "messages" : { ".read": "auth.uid !== null", "$message": { ".write": true } } } }
but, set of rules not allowing user read data, though write operation working fine in set too.
{ "rules": { "intents" : { ".read" : "auth.uid === data.child('to').val()", ".write" : true }, "messages" : { "$message": { ".read": "auth.uid !== null", ".write": true } } } }
to me, both these sets identical. there "firebase security rules" rule i'm missing?
note both these rules tested without making change database or code. rules shown altered.
the 2 sets of rules have 1 important difference: first 1 allows read "messages" in 1 operation, while other allows read single message @ once. trying read messages in 1 operation, first rules let that.
{ "rules": { ... "messages" : { ".read": "auth.uid !== null", // here: can read @ once "$message": { ".read": "auth.uid !== null", // here: can read 1 @ time ".write": true } } } }
Comments
Post a Comment