CODEWITHSUNDEEP
firebasegoogle-cloud-platformgoogle-cloud-firestorefirebase-security
keviinlk
keviinlk

Reputation: 1

Solve permission-denied with firebase rules

I have 3 Firestore collections, Invoices, Clients, and Infos. I wrote the following rule to allow read and write in Firestore only if the user is authenticated.

rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
 match /{document=**} {
  allow read, write: if request.auth != null;
  }
 }
}

I want to apply this rule only to the Invoices and Clients collections. For Infos, everyone should be able to read and write from the collection without authentication. I tried to change the rule as follows:

rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
 match /{document=**} {
  allow read, write: if request.auth != null;
  }
 }
 match /databases/{database}/documents {
 match /Infos {
  allow read, write: if true;
  }
 }
}

But I still get a permission denied error when I try to read data from Infos without being authenticated.

Upvotes: 0

Views: 86

Answers (1)

Alex Mamo
Alex Mamo

Reputation: 138804

The following rules should do the trick:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /Infos/{infoId} {
      allow read, write: if true;
    }
    match /Invoices/{invoiceId} {
      allow read, write: if request.auth != null;
    }
    match /Clients/{clientId} {
      allow read, write: if request.auth != null;
    }
  }
}

For the Invoices and Clients collection, the users you'll be able to read and write into the documents only if they are authenticated, while for the Infos collection, everybody will be able to do that, no matter if it's authenticated or not.

Upvotes: 1

Related Questions