3meters / patchr-ios

Next incarnation of Patchr for iOS

Security: Possible to read user including email field even if they have disabled it for group #36

Closed Jaymassena closed 7 years ago

Jaymassena commented 7 years ago

Security rules don't filter and we don't have a way to hold back a value based on any logic. We can fail the whole record but not just the value.

Two initial options: 1) Involve a request intermediary like our service so the email can be stripped before delivering to the requestor. 2) Move emails to separate user tree and request separately.
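As an added illustration of option 2, not code from the patchr-ios repository: a Realtime Database rules fragment (Firebase is assumed, since the comment names only "security rules" and a "user tree") in which the email is moved out of the user record into its own tree with its own read rule, so the public profile stays readable without leaking the field. The node names `users`, `user-emails` and the `emailVisible` flag are assumed.

```json
{
  "rules": {
    // Public profile: readable by any signed-in user. A rule can only grant
    // or deny this whole node, so the email must not be stored under it.
    "users": {
      "$uid": {
        ".read": "auth != null",
        ".write": "auth.uid === $uid",
        // Reject any write that tries to put the email back into the profile.
        "email": { ".validate": false }
      }
    },
    // Emails in a separate tree (option 2) get their own read rule:
    // the owner can always read it; others only if the owner opted in
    // via the assumed emailVisible flag on their profile.
    "user-emails": {
      "$uid": {
        ".read": "auth != null && (auth.uid === $uid || root.child('users/' + $uid + '/emailVisible').val() === true)",
        ".write": "auth.uid === $uid"
      }
    }
  }
}
```

Clients that need the address fetch `user-emails/$uid` separately, and a read that the rule denies fails for that node only, leaving the profile read unaffected.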

Jaymassena commented 7 years ago

Fixed.