best easy know

1、auth != null    – only auth pass user ( login success user)

2、$uid === auth.uid   – usually only data owner can read or modify
$userId === auth.uid

==========
1、only admins group can wirte data

a. Database data
add admins -> add uid:true   (uid -> user in admins group)

b. Database rule
add
{
  “rules”: {
 
    “admins”:{
      “.read”  : “auth != null && root.child(‘admins’).hasChild(auth.uid)”,
      “.write” : “auth != null && root.child(‘admins’).hasChild(auth.uid)
    }
 
  }
}

now uid in admis, can modify admins

If items only admis can add or modify, everyone can read.

{
  “rules”: {
 
    “items”:{
      “.read”  : “auth != null “,
      “.write” : “auth != null && root.child(‘admins’).hasChild(auth.uid)
    }
 
  }
}

2、maybe your want user in admins group and some special oooooxxxx

{
  “rules”: {
 
    “items”:{
      “.read”  : “auth != null “,
      “.write” : “auth != null && **root.child(‘admins’).hasChild(auth.uid) && root.child(‘admins’).child(auth.uid).val()===“oooooxxxxxx” **”
    }
 
  }
}

http://stackoverflow.com/documentation/firebase/3352/database-rules#t=201701110341085943147

https://gist.github.com/sararob/331760829a9dcb4be3e7   see HerRomero answer

http://stackoverflow.com/questions/21815229/is-there-a-way-to-restrict-registrations-in-firebase/21834842#21834842