Reputation: 175
Using Reference in Security Rule
Suppose there are two documents that
/orgs/foo
/users/alice
and /users/alice has a reference-type field org which references /orgs/foo.
/orgs/foo should be accessible when request.auth.uid == 'alice'. How can I do that?
I guess it is something like this, but I cannot figure out. In other words, how can I get the ID of the referenced document?
function isOrgMember(orgId) {
return get(/databases/$(database)/documents/users/$(request.auth.uid)).data.org.__id__ == orgId;
}
match /orgs/{orgId} {
allow read: isOrgMember(orgId);
}
Upvotes: 6
Views: 235
Answers (1)
Reputation: 76
I know it's been a while since the original question but I've had a similar issue and I hope this could help you or others.
Your condition is:
get(/databases/$(database)/documents/users/$(request.auth.uid)).data.org.__id__ == orgId;
But org is a reference, which (apparently) means you need to get it as well. Try this:
get(get(/databases/$(database)/documents/users/$(request.auth.uid)).data.org).id == orgId;
Upvotes: 2
Related Questions
- firestore security rules syntax for
- Firebase Firestore including resource prevents the rule from matching
- Firestore security rules with reference fields
- Firestore rules unable to check if a reference exists
- Access database reference in firestore rules
- Firestore security rules check if reference exists
- Referencing variables in Firestore Rules
- firebase rule with cloud firestore
- How to check the path in a reference in a security rule?
- Firestore security rule using reference to another document