kurtzmarc
Reputation: 3137
Firebase security rules using get() in a function outside match rule
I have found that using the get() call in a function outside the match rule does not work, whereas putting it in the match rule does work:
service cloud.firestore {
// If I put this here, it does not work.
function isAdmin() {
return get(/databases/$(database)/documents/users/$(request.auth.uid)).data.permissions.hasAny(['admin']);
}
match /myrecord/{property} {
// If I put the isAdmin() here it works.
function isAdmin2() {
return get(/databases/$(database)/documents/users/$(request.auth.uid)).data.permissions.hasAny(['admin']);
}
allow write: if isAdmin();
}
}
I'd prefer this function to be at a "global" level where I can access it from all match rules. Can this be done?
Upvotes: 2
Views: 1442
Answers (1)
kurtzmarc
Reputation: 3137
I realized that I can put it after the top-level match and it works as expected:
service cloud.firestore {
match /databases/{database}/documents {
// If I put this here, after the top-level match it works
function isAdmin() {
return get(/databases/$(database)/documents/users/$(request.auth.uid)).data.permissions.hasAny(['admin']);
}
match /myrecord/{property} {
Upvotes: 2
Related Questions
- Firestore security rules: get() returns different result than the expected one
- Firestore rules saying document get function is wrong
- Firebase Firestore Rules get() Not Working
- Firestore Security Rules "get()" not working?
- Why does a Firestore security rule using get() not work while another rule using resource.data works?
- Firestore security rule get() not work
- Firestore Security Rules get Function
- Can't get Firestore Rules get() to work inside a function
- Cannot get function with 'get' part in Firestore rules to work correctly
- Firestore security rule get() not working