Here's my database structure:
Clients:
    employee1emailaddress
    employee2emailaddress
Employees:
    employee1emailaddress
    employee2emailaddress
allClients:
    client1phonenumber
    client2phonenumber
I want to make a security rule that limits the authenticated user to reading and writing the nodes associated with their email address.
For example:
the employee who has the email address employee1emailaddress
can only read from and write to the nodes that have their email address as the key.
How can I make that possible? Thanks in advance.
I would recommend not associating data with a user's email address. You should use their UID instead:
{
  "rules": {
    "$uid": {
      ".read": "auth !== null && auth.uid === $uid",
      ".write": "auth !== null && auth.uid === $uid"
    }
  }
}
This will only allow users to read and write from a directory in your database where the key is their UID.
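
Added example, not part of the original answer: the same UID check applied to the structure from the question. It assumes the children of Clients and Employees are re-keyed by the user's auth UID instead of their email address, and that allClients should stay closed to client access.

```json
{
  "rules": {
    // Assumption: children of Clients and Employees are keyed by auth UID,
    // not by email address as in the question.
    "Clients": {
      "$uid": {
        ".read": "auth !== null && auth.uid === $uid",
        ".write": "auth !== null && auth.uid === $uid"
      }
    },
    "Employees": {
      "$uid": {
        ".read": "auth !== null && auth.uid === $uid",
        ".write": "auth !== null && auth.uid === $uid"
      }
    }
    // No rule is declared for allClients, so client reads and writes
    // to that node are denied by default.
  }
}
```

Rules cascade downward, so a `.read` or `.write` granted at the root or directly on `Clients` or `Employees` would override these per-user checks.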