AndroidBullOfficial

// Validates user is moderator from different database location
{
 “rules”: {
 “posts”: {
 “$uid”: {
 “.write”: “root.child(‘users’).child(‘moderator’).val() === true”
 }
 }
 }
}

AndroidBullOfficial

// These rules grant access to a node matching the authenticated
// user's ID from the Firebase auth token
{
  "rules": {
    "users": {
      "$uid": {
        ".read": "$uid === auth.uid",
        ".write": "$uid === auth.uid"
      }
    }

AndroidBullOfficial

// Only authenticated users from a particular domain (example.com) can access/write data
{
 “rules”: {
 “.read”: “auth.token.email.endsWith(‘@example.com’)”,
 “.write”: “auth.token.email.endsWith(‘@example.com’)”
 }
}

AndroidBullOfficial

// Only authenticated users can access/write data
{
 “rules”: {
 “.read”: “auth != null”,
 “.write”: “auth != null”
 }
}

AndroidBullOfficial

// Full security
{
 “rules”: {
 “.read”: false,
 “.write”: false
 }
}

AndroidBullOfficial

// No Security
{
 “rules”: {
 “.read”: true,
 “.write”: true
 }
}

AndroidBullOfficial

// Prevents Delete or Update
{
 “rules”: {
 “posts”: {
 “$uid”: {
 “.write”: “!data.exists()”
 }
 }
 }
}

AndroidBullOfficial

// Prevents only Delete
{
 “rules”: {
 “posts”: {
 “$uid”: {
 “.write”: “newData.exists()”
 }
 }
 }
}

AndroidBullOfficial

// Prevents Create and Delete
{
 “rules”: {
 “posts”: {
 “$uid”: {
 “.write”: “data.exists() && newData.exists()”
 }
 }
 }
}

AndroidBullOfficial

// Allow reads if the group ID in your token matches the file metadata's `owner` property
// Allow writes if the group ID is in the user's custom token
match /files/{groupId}/{fileName} {
  allow read: if resource.metadata.owner == request.auth.token.groupId;
  allow write: if request.auth.token.groupId == groupId;
}