Home > Enterprise >  Firestore allow read if collection name matches
Firestore allow read if collection name matches

Time:10-22

I'm trying to implement what I thought was a basic security rule in Cloud Firestore, namely to allow read access to a specific collection.

service cloud.firestore {
  match /databases/{collectionName}/documents {
      match /{document=**}{
      allow read : if collectionName=="metadata";
      }
  }
}

so in the rules playground, the query for /metadata/status gets denied, however, if I switch the operator to != instead of ==, it allows any query for any collection, not just the ones that aren't metadata. Help?

CodePudding user response:

The placement of that wildcard is incorrect. The collectionName would be name of the database which is (default) for default database and hence "(default)" == "metadata" returned false. Try the following rules:

service cloud.firestore {
  match /databases/{database}/documents {
    match /{collectionName}/{doc}{
      allow read : if collectionName == "metadata";
    }
  }
}

Here collectionName would be name of collection being accessed.


This rule however will be applied for all collections. If you want to add that rule for 'metadata' collection only then you can add a separate rule for that:

match /metadata/{doc} {
  allow read: if true;
}
  • Related