Stack: Firebase, Angular 14 Angularfire
I have users and each users is allowed to only have 10 trackers / blog posts / videos, which is currently only enforced on the Frontend.
How can I forbid the creation of a document when the user already has a certain amount of documents (with his uid stored as a field) in the Firestore security rules?
I am using Firestore security rules version 2
CodePudding user response:
You would have to keep the count of the trackers/blog post/video documents separately in another field (and possibly in another document).
Maybe use Cloud Functions to auto-increment/decrement these counters on the corresponding document creation/deletion.
Then in Firestore Security Rules, you can check if the value exceeds 10, and then permit or reject access accordingly. Something like the following
allow create: if get(/databases/$(database)/documents/counters/$(request.auth.uid)).data.trackersCount <= 10;
The above rule is just an example. It assumes that you are storing the count in documents (whose id is the user's uid) and are found in counter's collection