
I’m using Firebase in my project, but when I use custom rules, nothing works.

I want to allow reads from all users, but only admins can update, delete and write new data.

My rules

rules_version = '2';

service cloud.firestore {
  match /databases/{database}/documents {
    match /documents/{collectionName} {
       allow update, delete, write: if isAdmin();
       allow read: if true;
    }
    
    function isLoged() {
        return request.auth != null && request.auth.uid != null
    }
    
    function isAdmin() {
      return isLoged() && get(/databases/$(database)/documents/users/$(request.auth.uid)).data.role == "ADMIN";
    }
  }
}

My use

import { initializeApp } from 'firebase/app'
import { getFirestore, collection, getDocs } from 'firebase/firestore'

// Your Firebase project settings
const firebaseConfig = { ... };

const app = initializeApp(firebaseConfig);

// Reference to Firestore and Storage
const db = getFirestore(app)

export const animesCollection = collection(db, 'animes')

// getDocs returns a Promise; wait for it to resolve before logging the documents
getDocs(animesCollection).then((snapshot) => console.log({ docs: snapshot.docs }))

In the Firestore rules lab everything works perfectly.

This works, but I don't know how I can configure my rules based on collection name and auth:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if true;
    }
  }
}

2 Answers


  1. Chosen as BEST ANSWER

    I fixed it by changing the rules to

    rules_version = '2';
    
    service cloud.firestore {
      match /databases/{database}/documents {
        match /{collectionName}/{documentId} {
          allow read: if true;
          allow write, update, delete: if isAdmin();
        }
        
        function isLoged() {
            return request.auth != null && request.auth.uid != null
        }
        
        function isAdmin() {
          return isLoged() && get(/databases/$(database)/documents/users/$(request.auth.uid)).data.role == "ADMIN";
        }
      }
    }
    

  2. Here are the updated rules for reference:

    service cloud.firestore {
      match /databases/{database}/documents {
        match /{collectionName}/{documentId} {
          allow read: if true;
          allow write, update, delete: if isAdmin();
        }
        
        function isLogged() {
            return request.auth != null && request.auth.uid != null
        }
        
        function isAdmin() {
          return isLogged() && get(/databases/$(database)/documents/users/$(request.auth.uid)).data.role == "ADMIN";
        }
      }
    }
    

    All users will be able to read the documents thanks to these rules, but only administrators will be able to write to, edit, or remove them. To implement the modifications, don’t forget to deploy these revised rules to your Firebase project.

    This is the official Firebase security rules documentation. The Firebase Security Rules Documentation gives an overview of the rules syntax, security ideas, and samples of rule settings.

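Why the rules in the question denied the `animes` read while the rules in the answers allow it, as an added example that is not part of the original posts: a simplified JavaScript model of how the `match` paths on this page bind to document paths. The `matchPath` helper and the sample paths are constructed for illustration and are not Firebase APIs.

```javascript
// Simplified model of Firestore rules path matching (assumption: handles only
// literal segments, {name} single-segment wildcards and {name=**} recursive
// wildcards, relative to /databases/{database}/documents).
function matchPath(pattern, docPath) {
  const pat = pattern.split('/').filter(Boolean);
  const segs = docPath.split('/').filter(Boolean);
  const bound = {};
  for (let i = 0; i < pat.length; i++) {
    const recursive = /^\{(\w+)=\*\*\}$/.exec(pat[i]);
    if (recursive) {
      // A recursive wildcard must be the last segment and swallows the rest.
      if (i !== pat.length - 1) return null;
      bound[recursive[1]] = segs.slice(i).join('/');
      return bound;
    }
    if (i >= segs.length) return null;
    const single = /^\{(\w+)\}$/.exec(pat[i]);
    if (single) bound[single[1]] = segs[i];      // wildcard binds one segment
    else if (pat[i] !== segs[i]) return null;    // literal must match exactly
  }
  // Without a recursive wildcard the depth must match exactly.
  return segs.length === pat.length ? bound : null;
}

// The three match statements that appear on this page.
const PATTERNS = {
  question: '/documents/{collectionName}',
  answer: '/{collectionName}/{documentId}',
  openAll: '/{document=**}',
};

// Constructed sample document paths.
const SAMPLE_PATHS = [
  'animes/naruto',
  'users/uid123',
  'documents/abc',
  'animes/naruto/episodes/1',
];

// For each pattern, list the sample paths its allow statements would apply to.
function coverage() {
  const table = {};
  for (const [name, pattern] of Object.entries(PATTERNS)) {
    table[name] = SAMPLE_PATHS.filter((p) => matchPath(pattern, p) !== null);
  }
  return table;
}

console.log(coverage());
```

In this model the question's pattern only covers documents in a collection literally named `documents`, so `animes/naruto` matches no rule and is denied. The answers' pattern also covers `users/uid123`, which means `allow read: if true` applies to the `users` documents that `isAdmin()` reads, and it does not cover subcollection documents such as `animes/naruto/episodes/1`.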