How can I provide users with access to data for anything below a certain node in a hierarchical structure And facilitate the request? Can this be done in Firebase, or should I abandon my favorite Firebase and go back to ... grumble grumble ... RDBMS?
I tried two different ways. One makes it easy to request, but difficult to restrict access. Another simplifies access restriction, but means that I have to execute nested loops in order to aggregate all my data.
In particular, I have a typical business organization:
- Company
- Western region
- South Region
- Company 2 ... etc.
At the lowest level (department) I have orders, the amount of which I must fill out.
()
{
"Orders": {
"UniqueID1": {
"company": "Company",
"region": "West Region",
"division": "Division 1",
"department": "Department 1",
"amount": 19.8
},
"UniqueID2": {
"company": "Company",
"region": "West Region",
"division": "Division 1",
"department": "Department 1",
"amount": 20.1
},
...and so on.
},
"Users": {
"Bob UID": {
"departments": {
"Department 1": true,
"Department 2": true
}
}
}
}
{
"Orders": {
".indexOn": ["company", "region", "division", "department"],
".read":false,
".write":false,
"$order_id": {
".read": "root.child('Users').child(auth.uid).child('departments').hasChild(data.child('department').val())"
}
}
}
Pros
- , :
ordersRef.orderByChild('division').equalTo('Division 1'). - . 2 200 000.
- , .
permission_denied , . , , " , tsk tsk tsk".
( )
{
"Orders": {
"Department 1": {
"UniqueID1": {
"company": "Company",
"region": "West Region",
"division": "Division 1",
"amount": 19.8
},
"UniqueID2": {
"company": "Company",
"region": "West Region",
"division": "Division 1",
"amount": 20.1
},
},
"Department 2": {...
...and so on.
},
"Users": {
"Bob UID": {
"departments": {
"Department 1": true,
"Department 2": true
}
}
}
}
{
"Orders": {
".read":false,
".write":false,
"$order_id": {
".read": "root.child('Users').child(auth.uid).child('departments').hasChild(data.child('department').val())"
}
}
}
Pros
- , - "Orders/$order_id/" + , , , , .