Here’s what I’ve written;
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /reservedUsernames/{username} {
allow update: if false;
allow create: if request.auth != null;
}
}
}
I already added a document with ID sam
and a field userId
= 122
. If I run an update on that document, see how below, it succeeds! How can I allow creations but no updates?
db.collection("reservedUsernames")
.document(searchableUsername)
.setData(["userId": userId])
2
Answers
I managed to do it by using Security Rules:
This way I check if I'm updating an existing document and it passes only if I'm not!
When using:
It means that you’re setting the data, and not updating it. The following rule:
Indeed rejects all update operations but as @DougStevenson mentioned in his comment, having it in your rules it’s the exact same thing as not having it at all, because by default the rules are set to false.