status-im
/
burnchart
mirror of https://github.com/status-im/burnchart.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

notes on user auth and rules

This commit is contained in:
Radek Stepan 2014-09-05 20:01:14 -07:00
parent f8c30b8754
commit 214b6742bc
1 changed files with 27 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
NOTES.md
View File

@ -93,3 +93,29 @@ Accessing dynamic paths in the rules can be done using a `$` prefix. This serves
}
[User-based rules](https://www.firebase.com/docs/web/guide/user-security.html).
Use `uid` from Simple Login which is a string ID guaranteed to be unique across all providers.
Grant write access for this user.
{
"rules": {
"users": {
"$user_id": {
// grants write access to the owner of this user account
// whose uid must exactly match the key ($user_id)
".write": "$user_id === auth.uid",
"email": {
// an email is only allowed in the profile if it matches
// the auth token's email account (for Google or password auth)
".validate": "newData.val() === auth.email"
}
}
}
}
}
We want repos to have a 1 to many users mapping. This way changes in one get propagated to others. The issue is that users may be kicked from a project in which case they can't see the cached stats for a repo.
We can get [repositories](https://developer.github.com/v3/repos/) for a user, but we have to get orgs too and get repos there again.