How do I access the document ID in firestore rules
The following rules will be effective on documents of 'All Schools' collection only and not documents of 'Classrooms' sub-collection:
match /All%20Schools/{schoolID} {
// ...
}
That's why db.collection("All Users").doc(uid).get()
works and fetching 'Classrooms' collection fail since you do not have any rules specified for it. Although you had a recursive wildcard earlier (before editing the question), resource
object contains data of those documents being matched in 'Classrooms' sub-collection and hence getUserData().school == resource.id
failed too.
That being said, try specifying rules for 'Classrooms' sub-collection as well:
match /All%20Schools/{schoolID}/Classrooms/{classId} {
allow read, write: if getUserData().school == schoolID;
}
Firestore rules to access collection that matches Auth uid
Solved this problem after using the rules playground.
First I didn't have permission to look at the parent document at all, then I gave specific document permission to each user to access the specific child document.
If I add a new child document I will need to add a rule.
service cloud.firestore {
match /databases/{database}/documents {
match /UserData/{ID}{
allow read, write :if request.auth != null && request.auth.uid == ID;
// allow users to create and access their parent document
}
match /UserData/{userId}/randomDocumentName/{doc=**} {
allow read, write :if request.auth != null && request.auth.uid == userId; // allow read and write to the documents they own
}
}
}
Only allow document to be read if ID is known
It's pretty common to do this kind of authorization, and yes, it's possible.
Firestore Security Rules provide to us request.auth.uid
which contains the UID of the user making the request or null if it's unauthenticated.
So, you could use that information with an equality operator:
match /proposals/{uid} {
allow list, update, delete: if false;
// Allow getting Documents if the Document ID is equal to the currently uid of the authenticated user who is making the request.
allow get: if request.auth.uid != null && request.auth.uid == uid;
allow create;
}
You should use get
to define rules that will apply when any user is trying to get a document. Note that read
is for any type of read request, which includes get
and list
.
More about Security Rules and Authentication: https://firebase.google.com/docs/rules/rules-and-auth
Firestore Rules, request.auth.uid is not the same as uid I get from firebase auth google signin
First of all, it's not a good idea from a modeling perspective to give each user their own top-level collection. You should instead give them each a document in a single collection (say, "users") then give them subcollecitons under that as needed. You will probably understand why this after you use Firestore for a while, but even if you don't understand now, I suggest you change it to closer to what you see in the documentation.
The rule you have now doesn't work because it doesn't match any documents. You need at least two components to match a document. If you want to match all documents in a collection, you will need another wildcard for that:
rules_version = '2';
service cloud.firestore {
match /databases/{database} {
match /{userId}/{docId} {
allow read, write: if request.auth.uid == userId;
}
}
}
Firestore Rules matching UID with Document Field not working
Your query does not match your rules. Your rule absolutely requires that the user must only query for specific documents where their UID matches quid field of the document. However, your query doesn't put any requirements on the quid field. It's important to know that Firestore security rules are not filters, and they will not allow a query where there is any possibility of matching a document that does not satisfy the rules as written.
In order to get your query to work, it must specify a filter on the quid field that matches the requirements of the rule.
db.collection('question')
.where("email", "==", userObject.email)
.where("quid", "==", uid)
where uid
is the UID of the currently signed in user (e.g. firebase.auth().currentUser.uid
).
Related Topics
Lazy Property Initialization in Swift
Skaction Completion Handlers; Usage in Swift
Generatesdecimalnumbers for Numberformatter Does Not Work
Making Parts of Text Bold in Swiftui
What Makes a Property a Computed Property in Swift
Get Signed Integer from Swift String of Binary
Save & Retrieve Tableviewcell Checkmark Using Nsuserdefaults in Swift
Swift Switch Statement Considered All Cases of Int, But Compiler Still Display Error
How to Loop Through an Array from the Second Element in Elegant Way Using Swift
Arkit -Drop a Shadow of 3D Object on the Plane Surface
Extending View with Extra Function Without Using Anyview
How to Make a Button Have a Rounded Border in Swift
How to Change Navigationbar Font in Swift
Swift: How to Get Everything After a Certain Set of Characters
Appearance Proxies/Ui_Appearance_Selector in Swift