jzappers
Reputation: 9
Firestore security rules check parent fields while calling child collections
So my firestore database is structured as such:
documents -> collection -> docID -> collections -> documents
Inside the docID document I have a field called live which is a boolean set to either true or false. If live is true, I want to allow access to all documents and subdocuments, but if its false do not allow read. I've tried structuring it as such:
match /collections/{docID} {
allow read: if resource.data.live == true;
allow write: if false;
}
What is incorrect with this code?
Upvotes: 0
Views: 394
Answers (1)
itsam
Reputation: 301
match /collection/{docID} {
match /collections/{document=**} {
allow read: if get(/databases/$(database)/documents/collection/$(docID)).data.live == true;
allow write: if false;
}
}
Here, document=** means all nested documents (of the same collection as well as nested). And a simple get call to read your {docID} document.
You can find more info here Access other documents
Upvotes: 1
Related Questions
- Firestore security rule to cover parent documents and nested collection based on array field
- firestore security rules / check field type in nested object
- Firestore security rule: query subcollection based on permission of parent document
- Firestore rules on subcollection
- Firestore Security Rules - allow read subcollection based on its parent document data
- Firestore rules allow subcollection
- Cloud Firestore rules on subcollection
- Firestore security rule - how to secure subcollection?
- Firestore security rules, restricting child/field
- Firestore: restricting child/field access with security rules