I am using firebase realtime database and query data with firebase-query and firebase-document. I configured some rules, when ran in simulator the read is accepted but in real life read id denied. Have to ".read": true in root to get expected outcome. Note: i am using both polymerfire AND Firebase js sdk but for different things and JS is on external file and I am writing rules using Bolt compiler.
rules:
rules.bolt
//Questions
path /Question/{qid} {
read() { true }
write() { true}
}
//Users
path /Users/{uid}/Profile {
read() { true }
write() { signedIn() && isUser(auth, uid) }
}
path /Users/{uid}/Metadata {
read() { signedIn() && isUser(auth, uid) }
write() { signedIn() && isUser(auth, uid) }
}
function signedIn (){ auth != null}
function isUser (auth, userKey) {
return auth.uid == userKey;
}
rules.json
{
"rules": {
"Question": {
"$qid": {
".read": "true",
".write": "true"
}
},
"Users": {
"$uid": {
"Profile": {
".read": "true",
".write": "auth != null && auth.uid == $uid"
},
"Metadata": {
".read": "auth != null && auth.uid == $uid",
".write": "auth != null && auth.uid == $uid"
}
}
}
}
}
EXPECTATION
Stored value is initialised and the data can only be read from Questons/{{qid}} and Users/{{uid}}/Profile (and Users/{{uid}}/Metadata if the user is seeing him/hers won profile) and all the data is shown.
REALITY
When not used ".read": true:
Initializing stored value.
and no data is incoming though when ran in simulator read is granted.
When USED ".read": true:
Initializing stored value.
Sync to memory.
Updating data from Firebase value: {Metadata: {…}, Profile: {…}}
Got stored value! {Metadata: {…}, Profile: {…}} {Metadata: {…},
Profile: {…}}
Sync to memory.
and other datas are also incoming and are showing.
I think this is because of rules cascade.
If rules cascade is the case how to fix this up using Bolt and if not then what to do?
