I need help with implementing Firebase security rules for specific collections of user data. Continuous maintenance is not required for the security rules. I need someone who has experience with administering security for databases like Firebase and can advise me on the best way to protect my data. I'm aiming to make sure user data is secured in the best way possible.
I am working on a social media app using firebase firestore, and I need help with securing one collection.
I would also like automated firebase security tests written to ensure that all the cases are covered (see: [login to view URL] and [login to view URL])
The collection is friend requests, and is the following structure:
Requests {
userUID: {
allFriends
incoming
outgoing
}
}
Where:
-allFriends is a list of userIds
-incoming is a map. Where the key is the incoming userId and it has properties: name, photoUrl, and status
-outgoing is a map. Where the key is the incoming userId and it has properties: name, photoUrl, and status
This is the logic I believe it should follow. Please let me know if there is any logic flaws here for a secure setup.
Sending a friend request:
1. Can always write to outgoing of yourself
2. Can write your UID to incoming of anyone
3. You should not be able to write any UID to your incoming
Accepting Friend Request
1. Can write your UID to their allFriends if your UID is in their outgoing
2. Can write their UID to your allFriends if their UID is in your incoming
Read:
- You can read all of your requests (all friends, incoming and outgoing)
Hi there! My name is Ankit and I'm a full-stack developer with 2+ years of experience. I understand that you need help implementing Firebase security rules for specific collections of user data and that continuous maintenance is not required for the security rules. I believe that my experience and skills make me the best fit for this job.
I have worked on numerous projects involving the administration of security for databases like Firebase and can provide guidance on how to protect user data in the best way possible. With my knowledge of administrating security for databases, I can ensure that your data is secured in the most effective way possible. Plus, my experience has taught me how to deal with client requirements quickly so I can deliver 100% satisfaction results within the deadline as promised.
I would love to discuss this project further with you if you have any questions or would like to set up an interview? Please don't hesitate to reach out if you're interested!
Its quite important to have your security rules set properly in firebase. From your description it looks like you are using Firebase Realtime database or Firestore database for your social media app. If the security rules are not configured well, you will keep getting reminderss like this from Google "[Firebase] Your Realtime Database 'needrive-2e7c8' has insecure rules"
needrive is my taxi hailing application using firebase database. So I have experience configuring database security rules.
Am Willis, I can resolve your issue give me a chat we see how we progress
I propose a Firebase security model ensuring robust data protection for your social media app. Grant users write access to manage their outgoing friend requests, restrict writing to incoming requests, and enable read access to personal requests. Implement a secure system for accepting friend requests, allowing mutual updates to allFriends. This setup guarantees data integrity while fostering a seamless user experience.