Rules realtime database

Question

I want to create a rule, which when one login account reads and writes to the database, can you help me, and is there something wrong with my code?

this my rules database

{
  "rules": {
    "User": {
      "$uid": {
     ".read": "auth !== null && auth.uid === $uid",
        ".write": "auth !== null && auth.uid === $uid"
        }
    },
      "Layanan Nasabah": {
       ".read": "root.child('User/' + auth.uid).exists()",
        ".write": "root.child('User/' + auth.uid).exists()"
      }
    }
}

this my codes

database.child("Layanan Nasabah").child(mAuth.getUid()).setValue(new pengaduan
            (getNo,getNo_Tiket,getNama_Penelpon,getPenelpon1,getPenelpon2,getEmail,getPertanyaan,getTertanggung,getNo_Polis,getObyek,getCatatan)).addOnSuccessListener(unused -> {
        Toast.makeText(TambahActivity.this, "Data Berhasil Disimpan", Toast.LENGTH_SHORT).show();
        startActivity(new Intent(TambahActivity.this, OnprogressActivity.class));
        finish();

    }).addOnFailureListener(e ->
        Toast.makeText(TambahActivity.this, "Data Gagal Disimpan", Toast.LENGTH_SHORT).show());
}

Answer 1

From what I understand you want only logged in users (authenticated users) to read/write to nodes in your database.

This rule:

    ".write": "auth !== null && auth.uid === $uid"

Means that any authenticated user can only write to his own uid.

In users node, you already did what you are asking for:

//because this means any authenticated user can read and write their 
//own nodes (UIDs)

"User": {
  "$uid": {
    ".read": "auth !== null && auth.uid === $uid",
    ".write": "auth !== null && auth.uid === $uid"
    }
}

UPDATE

If you also want that authenticated users only can read and write to Layanan Nasabah node, you can do this:

"Layanan Nasabah": {

 "$uid":{

   ".read": "root.child('User/' + auth.uid).exists() && auth !== null && auth.uid === $uid",

   ".write": "root.child('User/' + auth.uid).exists() && auth !== null && auth.uid === $uid"

 }

}