CODEWITHSUNDEEP
google-cloud-firestoreangular6firebase-security
Dev
Dev

Reputation: 1374

Firestore Security Rule:Add data based on timestamp value

I want to read or write some data from/to firestore based on a security rule that enforces user to correct his local machine date should be correct ,means neither past nor future.If the client machine time is not correct, he does not have the ability to read or write data;

now i have tried with security rule 

 service cloud.firestore {
 match /databases/{database}/documents {
 match /{document=**} {
  allow read:if true;
  allow create: if (request.resource.data.timestamp == request.time.toMillis());
  }
 }
}

but it always shows a message that permission denied.How can achieve this.?

my code is 

  batch.set(ref, {
    timestamp: new Date().valueOf(),
    name: formData.name ? formData.name.toLowerCase() : null,
    type: formData.type ? formData.type : 'percentage',
    rate: isNaN(formData.rate) ? 0 : Number(formData.rate),
    date1: formData.date1 ? new Date(formData.date1) : null,
    date2: formData.date2 ? new Date(formData.date2) : null,
    time1: formData.time1 ? formData.time1 : null,
    time2: formData.time2 ? formData.time2 : null,
    id: ref.id,
    createdAt: firebase.firestore.FieldValue.serverTimestamp(),
    typeArray,
    enabledDays: dateArray,
    isActive: true,
    isTotalEnabled: formData.dOnTotal,
  });

Thanks in advance

Upvotes: 1

Views: 988

Answers (1)

MrAleister
MrAleister

Reputation: 1581

request.resource.data.timestamp == request.time.toMillis(). Give it a bit more leeway (10 s for example): 

math.abs(request.resource.data.timestamp - request.time.toMillis()) < 10000;

Upvotes: 2

Related Questions