skip to Main Content

Is it possible to write more advanced paths, dependent on a certain condition, in the user_privacy.json file to delete user data through the clearData() cloud function?

More specifically, we have a rather complex database structure implemented in firebase realtime database, and we are trying to implement a way for the user to automatically initiate account deletion from our app clients, which will also clear the database of any user generated data.

For example, we have feed entries which are stored in path:

/feedEntries/feedEntryId

and we would like to delete the entire feed entry where the user id equals the content of the following path:

/feedEntries/feedEntryId/profileKey

We assume that if we just write the path as stated in the docs for the clearData function, it will only remove the contents of the profileKey entry of the feed entry in question:

"database": {
"clearData": [
"/users/UID_VARIABLE",
"/feedEntries/feedEntryId(?)/profileKey/UID_VARIABLE"
]

What should be in place of the feedEntryId, to represent a dynamic feed entry id, making it check all feed entries for the profileKey in question?
Is it possible to make it delete the whole feed entry based on a comparison of the UID_VARIABLE and the contents of the "profileKey" entry?

If this is not possible, might we be able to achieve something similar, using db rules maybe?

Thanks in advance.

2

Answers


  1. 1 . Proposition edit your rules to check if the user is allowed to delete : check if user token is the same user connected

    match /anonymous/{anonymousId} {
        allow delete: if request.auth != null && request.auth.uid == anonymousId;
    }
    

    2 . Proposition edit your rules to check if the user is allowed to delete: you can also match the uid with another document’s data or property

    match /items/{itemId} {
        allow delete: if (get(/databases/$(database)/documents/userAdmin/$(request.auth.uid)).data.itemId == itemId
    }
    
    1. Proposition use Cloud function transaction or batched writes, run forEach on collection and remove document one by one inside a single transaction, please find below link on documentation

    Cloud function transaction, batched writes

    Login or Signup to reply.
  2. ok, you right ! no remove (aggregation) rule with real-time database only .write

    however I’m sure you can solve your problem with transaction, the principe is to read what you want before update.

    so you can read and check profileKey === feedEntryId, then you remove your item with update null or remove method

    doc firebase realtime-database: transaction with real-time database

    doc firebase realtime-database: remove method

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search