Firebase - firestore how to check for the doc owner before write?

user1998844
November 24, 2022
52 views
0 votes
2 Answers

How do I check the document owner before allow for the user the create ?
steps:

the document is already created by the same owner.
after that the same owner will try to create property and value inside the doc.

document.owner give me error when publishing.

//only allow create in moviesCommentID/{document} when document is owned by the user
match /moviesCommentID/{document=**} {
    allow create: if request.auth != null && document.owner == request.auth.uid;
}

any help is greatly appreciated.

Answers

- FrankvanPuffelen
- November 24, 2022 at 6:04 pm
- 0 votes
0
The document variable in your rules is a string with the document ID as its value.

Firestore doesn’t have any built-in concept of a document owner. But if you have an owner field in the document’s data, you can access that in your rules as resource.data.owner. Also check the Firebase documentation on data validation in security rules.

Login or Signup to reply.

- Canada2000
- November 24, 2022 at 6:34 pm
- 0 votes
0
1- Creation

You need to have a field in the Firestore Document you are changing that stores the owner uid
```
allow create: if request.auth != null && resource.data.ownerUid == request.auth.uid;
```
2- Update:

Use the same as for "create" (owner is actually the person logged), but also add something to say they cant change the owner to another user
```
allow update: if request.resource.data.ownerUid== resource.data.ownerUid;
```
Note that request.resource variable contains the future state of the document
Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.

Firebase – firestore how to check for the doc owner before write?

Answers