How can I apply a complete audit trail for users interacting with a firebase database?
I will need to follow the guidelines for medical records, that is, the user reference identifier, authorization scheme, action (c / r / u / d), subject of the action.
Based on feedback, parameters are still registered by the client or set up a service that listens for changes.
However, the client can be tampered with, and the service that listens for changes will skip reading.
Ideally, I would like to use the .write and .read rules, because there I have auth and ruledatasnapshots marker payloads. As far as I can collect, you can return a boolean value and not perform any database interactions in the rules file.
Remko source
share