Kuhlemann
Reputation: 3396
Role based access to FireStore
I am trying to implement role based access to Firebase Firestore but although I took a look at Googles well done documentation I wasn't able to get it working. I have set a string "role" in each users document. The document itself has the uid of the user.
My rule to access the users collection looks like this and the write rule must be wrong:
service cloud.firestore {
match /databases/{database}/documents {
match /users/{document} {
allow read: if get(/databases/$(database)/documents/users/$(request.auth.id)/role/$(role)) == "Mitarbeiter"
}
}
}
XCode-console error:
[Firebase/Firestore][I-FST000001] Listen for query at users/EStQNC4cYcaSnKpxs4XnQf96brm2 failed: Missing or insufficient permissions.
Upvotes: 0
Views: 440
Answers (1)
Doug Stevenson
Reputation: 317332
The path of your document get() is looking inside a subcollection called "role", but you have none:
/users/$(request.auth.id)/role/$(role)
Also, you have no variable called "role" that we can see here.
Using what you've shown, it looks like the role you need is in the document itself, so there's no need for a get(). Just check it like this:
allow read: if resource.data.role == "Mitarbeiter";
Upvotes: 1
Related Questions
- User role for Firestore manage in Google cloud
- Firestore security access roles system
- Firestore role based rule
- Flutter Firestore Role Based Security Rules
- User to access only his/her document in Firestore
- Restrict Firestore access to authenticated users
- Cloud Firestore permissions
- Role based authentication depending on group in google cloud firestore rules
- Restricting access to Firebase Firestore and Storage
- Firestore role based authentication not working as expected