Reputation: 13
I have been working on rules for my Firestore Cloud database. I would like to implement a rule that allows create, update, delete on docs if the user with the ID, which is stored in the database, has the field role set to admin.
Is it possible to retrieve the user's role in database rules somehow?
I am not using the Admin SDK, so I do have declared custom claims to each user.
Upvotes: 0
Views: 39
Reputation: 1374
Definitely, you can use the get method to access another document within a security rule:
get(/databases/$(database)/documents/users/$(request.auth.uid)).data.role == 'admin'
This method will access the document from the users collection where the document ID is equivalent to the currently signed-in user's UID. Remember, while using this method you will be billed for reading documents even if your rules reject the request.
Upvotes: 1
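The role check from the answer above placed in a complete ruleset, as an added example that is not part of the original answer. The posts collection and all read rules are assumptions; the users rules show how to keep a signed-in user from writing their own role field, which the admin check depends on.

```firestore
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    // True when the caller is signed in and users/{uid}.role == 'admin'.
    // The auth check comes first so unauthenticated requests never reach
    // get(); every evaluation that does reach get() is a billed read.
    function isAdmin() {
      return request.auth != null
        && get(/databases/$(database)/documents/users/$(request.auth.uid)).data.role == 'admin';
    }

    function isOwner(userId) {
      return request.auth != null && request.auth.uid == userId;
    }

    // Hypothetical content collection (assumption): substitute your own path.
    match /posts/{postId} {
      allow read: if request.auth != null;          // assumed read policy
      allow create, update, delete: if isAdmin();
    }

    // The role field is the trust anchor for isAdmin(), so the owner of a
    // users document must not be able to set or change it.
    match /users/{userId} {
      allow read: if isOwner(userId) || isAdmin();

      // Owner may create their profile only if it carries no role field.
      allow create: if isOwner(userId)
        && !('role' in request.resource.data);

      // Owner may update their profile only if role is left untouched.
      allow update: if isOwner(userId)
        && !request.resource.data.diff(resource.data).affectedKeys().hasAny(['role']);

      // Admins may create, update and delete any users document, role included.
      allow write: if isAdmin();
    }
  }
}
```

If the caller has no users document, get() fails and the request is denied. Because no client can write role for itself under these rules, the first admin has to be set out of band, for example in the Firebase console.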