To apply the request (and user) access rule, you must add the Firebase Authentication user ID (UID) to the path that will be controlled.
Sample user UID: "rvCXWGhMkbYul6wS9gfxQSAXbmq1"
{
"pedidos":{
"rvCXWGhMkbYul6wS9gfxQSAXbmq1":{
"-LMqiTIhAr-VUMKpq8FD":{
"name":"asdasdsa",
"tel":"213"
},
"-LMr1wgwinGyew0rVpWs":{
"name":"sadasd",
"tel":"123"
}
}
},
"users":{
"rvCXWGhMkbYul6wS9gfxQSAXbmq1":{
"cnpj":"123456",
"email":"[email protected]"
}
}
}
Rule for writing and reading:
{
"rules": {
"pedidos": {
"$uid": {
".write": "$uid === auth.uid",
".read": "$uid === auth.uid",
}
},
"users": {
"$uid": {
".write": "$uid === auth.uid",
".read": "$uid === auth.uid",
}
}
}
}
Source: link