Is it feasible to restrict access to specific fields of an object in the Firebase database for viewing purposes using Firebase permissions?

Consider this JSON structure representing a Firebase DB:

{
      "users": {
        "user0": {
          "name": "Mike",
          "age": 20,
          "relationship": "married",
          "friends": [...]
        },
        "user1": {
          "name": "Sarah",
          "age": 20,
          "relationship": "single",
          "friends": [...]      
        },
        ...
      }
    }

If we utilize the Firebase permission system, can we grant access to name and age for all users by setting their permissions to true, while limiting visibility of the relationship status to a specific group, such as the user's friends?

How should the security-rules.json be configured to achieve this?

javascriptjsonfirebasefirebase-realtime-databasefirebase-security

Answer №1

In my opinion, it's important to establish separate paths for data that should be accessible to all users and data that should be restricted to certain users. This approach may require more initial setup, but it will ultimately simplify the management of user permissions as your application evolves. With each update to user attributes, you'll need to adjust your database security rules accordingly.

However, if you prefer to use database security rules for managing permissions, you can create rules specific to each path requiring protection. For instance:

"rules": {
    "profiles": {
        "$user_id": {
            "privacy": {
                ".read": <certain condition>
            }
        }
    }
}

For further guidance and examples, refer to the official documentation.

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

Combining JS and PHP for secure function escaping

Looking for a solution to properly escape quotes in generated PHP Javascript code. Here is an example of the current output: foreach ($array as $element) { echo '<a onClick="myFunctionTakesPHPValues('.$element[0].','.$element[1] ...

phpjavascriptescaping

Attaching the JSON data to ngModel in Angular 2

I have received a json response containing various fields, including the rewards.rewardName value. I'm trying to figure out how to bind this specific value to [(ngModel)] in Angular 2. [ { "id": 18, "gname": "learning ramayanam", "goalCat ...

javascriptjavajsonangulartypescript

Splitting Android JSON data by name/type into separate results

This is my initial venture into using a JSON file sourced from a local directory on an Android device. I have successfully managed to parse information effectively. However, my current challenge lies in selecting subcategories. For instance, if a section c ...

androidarraysjson

Utilize jQuery and HTML simplistically to display or conceal divs throughout a webpage

After developing some basic jQuery code using if-statements to toggle the visibility of Divs based on a select list in HTML, I am seeking ways to enhance this code: 1) How can I achieve the same functionality with fewer lines of code? 2) Rather than manu ...

javascriptjqueryhtmlif-statementoptimization

What could be causing the observable collection to display the correct number of objects, yet have them all appear empty?

I am offering the following service @Injectable() export class LMSVideoResulful { getVideos( enrolmentId : number ) :Observable<Array<Video>> { var x = new Array<Video>(); //https://www.youtube.com/embed/MV0vLcY65 ...

javascriptangulartypescript

Using JQuery to reveal a hidden child element within a parent element

I'm facing a challenge with displaying nested ul lists on my website. The parent ul is hidden with CSS, causing the child ul to also remain hidden even when I try to display it using jQuery. One approach I've attempted is adding a class to the f ...

javascriptjqueryjquery-selectors

What is the best way to incorporate autoplay video within the viewport?

My objective is for the video to automatically start playing when it enters the viewport, even if the play button is not clicked. It should also pause automatically when it leaves the viewport, without the need to click the pause button. <script src=& ...

javascripthtmljquery

Tips for monitoring multiple values in a Vue 3 script setup

Within my code, I currently have a watcher set up like this (inside <script setup>): const form = reactive({ body: '', image: '' }) watch(() => form.image, () => { console.log(form.image) }) I am looking to enh ...

javascriptvue.jseventsvuejs3watch

Unable to connect Dropzone to dynamically loaded DIV using AJAX

Using Dropzone for client-side image uploads has been a breeze. Take a look at this basic example that is currently up and running: If you examine the source code, you'll notice that I am utilizing JQuery to connect Dropzone to the upload1 div ID. H ...

javascriptjqueryajaxdropzone.js

JavaScript XML Serialization: Transforming Data into Strings

When trying to consume XML in an Express server using express-xml-bodyparser, the resulting object is not very useful. This is the XML: <SubClass code="A07.0"/> <SubClass code="A07.1"/> <SubClass code="A07.2"/> <SubClass code="A07.3" ...

javascriptjsonxmlexpress

Having issues retrieving and utilizing response status code following the initial then() method in a Promise

My goal is to utilize the response status code, which is initially available in the first then function along with the JSON response data. However, I am encountering a SyntaxError: Unexpected token U in JSON at position 0. Here is the snippet of the promi ...

javascriptreactjsexpresses6-promise

Exploring the functionality of Material-UI's TextField component through role-based testing with React

I currently have some components that contain mui TextFields, and there are two specific scenarios for these components: One TextField is meant for LicenseCode and does not require a label. Additionally, there are several TextFields generated using t ...

javascriptreactjsjestjsmaterial-uireact-testing-library

Ways to identify when a Node.js query does not return any data from the MySQL database

Trying to identify when nodejs does not receive any data back from a mysql query. If the data passed through a GET request is accurate, it returns the expected results. Successful Request: http://server.com:8000?a=userinfo&user=datathatmatchesvaluein ...

mysqljsonnode.jsexpress

JSON parsing error: an unexpected token was encountered

I have recently validated the JSON string response on this JSON formatter tool and it confirms that the JSON string is valid. Below is the function I utilized to serialize data into a JSON string: private string getJSONData() { obj_userSession = new ...

c#angularjsjson

JavaScript Mobile Redirect HTML

Despite numerous attempts, I have been unable to get the mobiledetector script to function as desired for my mobile viewers. My goal is to include a link on the mobile site that allows users to access the full site without being redirected back to the mobi ...

javascripthtmlhttp-redirectmobilecookies

Exploring the possibilities of integrating JavaScript with Flash technology

Currently, there is a simple Flash project in development that connects to an RTMP server and streams video and audio from a webcam. The project allows users to create a stream with a specific name. This project also features an input for entering a strea ...

javascriptflashvideostreaming

There are no functions or classes returned when using NPM Link with the module

Welcome. Whenever I run npm link ../folder/ToFolder, it works as expected. However, when I attempt to import any function, nothing is returned. A clearer explanation I have tried importing a module that I created from another folder using npm link. When ...

javascriptnode.jstypescriptnpmnpm-link

Registering users in Laravel using asynchronous JavaScript and XML (AJ

I am having trouble implementing a user registration process using ajax in the Laravel framework. Routes Route::get('/register', 'Auth\AuthController@getRegister')>name('register'); Route::post('/register', ...

javascriptajaxlaravel

How can we access a value within a deeply nested JSON object in Node.js when the key values in between are not

In the nested configuration object provided below, I am seeking to retrieve the value associated with key1, which in this case is "value1". It's important to note that while key1 remains static, the values for randomGeneratedNumber and randomGenerated ...

javascriptjsonnode.jsnpmnested

How can I turn off popover when I am moving an event?

Is there a way to hide the popover element when dragging an event in fullcalendar, and then show the popover again after the dragging is stopped? Here is the code I am currently using: eventRender: function(event, elementos, resource, view) { var ...

javascripttwitter-bootstrapfullcalendar