Reputation: 16066
Restric firestore CRUD to users within a specific domain
I'm trying to create a rule in Firestore that restricts usage to all CRUD operations for users that belongs to a specific domain, My issue is that seems like contains clause doesn't exist in the rule context.
this is my rule:
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if isUserAndSignedIn();
}
}
function isUserAndSignedIn(){
return request.auth != null && request.auth.token.email.contains('domain.com')
}
}
the error I'm getting is: Error: simulator.rules line [9], column [36]. Function not found error: Name: [contains].
I also tried with indexOf like
request.auth.token.email.indexOf('domain.com')!=-1 request.auth.token.email.endsWith('domain.com')
Upvotes: 1
Views: 85
Answers (1)
Reputation: 317487
request.auth.token.email is going to be a String, and according to the reference docs, String doesn't have a method called "contains". It does have a method called matches for using regular expressions, and you can see the documentation has a handy bit of sample code:
'[email protected]'.matches('.*@domain[.]com') == true
Which you should be able to adapt to your case:
return request.auth != null && request.auth.token.email.matches('.*@domain[.]com')
Upvotes: 4
Related Questions
- how can i restrict access to firestore database to only requests coming from specific domain?
- Making a Cloud Firestore REST API call through Cloud Endpoints?
- Firestore REST API make authenticated request with http-client
- Custom Rest API And Firestore Database
- Restricting Cloud Firestore to a specific domain
- REST API Firestore authentication with ID Token
- Restrict Firestore gmail sign in to specific domain
- Firestore REST API database listening
- firestore auth rule: for google signed in client
- Configuring rules for Firestore so user only gets records they own