Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
672 views
in Technique[技术] by (71.8m points)

firebase - Firestore security rule get() not work

The solution is in the end of the post. Check it out.

Решение проблемы в конце поста. Дочитайте.

just a simple question: whats wrong with this and why this is not working?

Trying to get access with user who has role 'admin' in users section to the /titles/{anyTitle} but still get

Missing or insufficient permissions.

service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow write: if false;
      allow read: if false;
    }
    function userCanWrite () {
      return get(/databases/{database}/documents/users/$(request.auth.uid)).data.role == "admin";
    }
    match /titles/{anyTitle=**} {
      allow read: if request.auth != null;
      allow write: if userCanWrite();
    }
  }
}

Here is my database structure

P.S.

I tried another rule from official documents get(/databases/{database}/documents/users/$(request.auth.uid??)).data.isAdmin == true;

and this is not working too

UPDATE: CORRECT WAY TO DO IT

Support helped me find the solution this is how you should do:

db structure:

users -> {{ userid }} -> { role: "admin" }

database rule settings:

get(usersPath/$(request.auth.uid)).role == "admin" || get(usersPath/$(request.auth.uid)).data.role == "admin";

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)
Waitting for answers

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...