android - Firebase: How to grant permission to add new nodes but only the owner can modify them? -

i have problem firebase rules.

i want grant write access books node (add new books) authenticated users. also, want single book can modified owner of book. db , rules:

o- books    o- book1      o- owner : user1     o- name : nice book     o- pages { ... }     o- users { ... }    o- book2     o- owner : user2     o- name : other book     o- pages { ... }     o- users { ... } 

and here rules

{   "rules": {     "books": {       ".write": "auth != null",       "$bookid": {         ".read": "data.child('users').haschild(auth.uid)",         "pages" : {           ".write": "data.child('owner').val() == auth.uid"         }       }     }   } } 

the problem is granting write operation in /books/book1 authenticated user2 because first write (auth != null) true...

i appreciate help, thank much.

when set write access right under books branch give write access users write on whatever data under it. guess looking following:

{   "rules": {     "books": {       "$bookid": {         ".write": "newdata.child('owner').val() == auth.uid && (!data.exists() || data.child('owner').val() == auth.uid)",         ".read": "data.child('users').haschild(auth.uid)"       }     }   } } 

this ensure whatever change user make have uid on it. , also, if not new book book owned him.