'Firebase security rules with Facebook and Twitter APIs

i have android app with used Firebase as database, there are security rules should be added in Firebase platform, i tried to them, but when i added the below code, the app dont work good with Facebook/Twitter get friends permission, that is no friends shown in my app. So i think there are special code which be there so it will work good. My database database tree tree is attached in the picture. User treethere are folders inside MYCONTACTS and myfriends folders, is this need to be added? here is the picture

{

  "rules": {
      // Allow anyone to read data in User folder, but only authenticated content owners can
      // make changes to their data
    "USER": {      
         ".read": "auth != null",
       "$uid": {
        ".write": "auth.uid == $uid"
      }
    },
      // Allow anyone authenticated to read data in MyApps folder, but only authenticated content owners can
      // make changes to their data
       "MYAPPS": {
                  ".read": "auth != null",
      "$uid": {
        ".write": "auth.uid == $uid"
      }
    },
       // Allow anyone log in to read data in APPICONS folder,
       "APPICONS": {
        ".read": "auth.uid != null",
        ".write": "auth.uid != null"
    },
      // Allow anyone authenticated to read data in MYFRIENDS folder, but only authenticated content owners can
      // make changes to their data
       "MYFRIENDS": {
        ".read": "auth != null",
        ".write": "auth != null"   
         
    },
      // Allow only authenticated content owners can to read data in MYCONTACTS folder
      // make changes to their data
       "MYCONTACTS": {
         ".read": "auth != null",
      "$uid": {
        ".write": "auth.uid == $uid"
      }
    },
      // Allow anyone authenticated to read data in NOTIFICATION folder, but only authenticated content owners can
      // make changes to their data
       "NOTIFICATION": {
                  ".read": "auth != null",
             ".write": "auth != null"

    }
   },
      
      // Allow anyone authenticated to read data in Tokens folder, but only authenticated content owners can
      // make changes to their data
       "Tokens": {
                  ".read": "auth != null",
      "$uid": {
        ".write": "auth.uid == $uid"
        
      }
    }
  }
}
facebookfirebase-realtime-databasetwitterfirebase-security


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

Debug embedded browser view in native Facebook iOS app

Facebook Page Feed Webhook work in test but not when live

Facebook is not compressing Java Script files used in Like and Comment Plugin

Database schema for messaging to multiple users

Facebook SDK : logging out automatically

Facebook share error : "the page you requested cannot be displayed right now"

Getting public posts of a random user from Facebook API

Cannot deserialize the current JSON object (e.g. {"name":"value"}) into type 'System.Collections.Generic.List`1

Accessing friend list in facebook

Facebook adding tester users and admin is: (pending), what does that mean?

Installing Facebook APK in Genymotion

How to recover deleted Facebook app?

Facebook API – how to get Page-Scoped User ID (ids_for_pages is empty)?

How to exclude tagged posts from Facebook Graph API response

Facebook Pixel and Conversion API events deduplication stopped working