Home > OS >  How To Add Firebase Rules To Specific User To read And Write And all other User only read?
How To Add Firebase Rules To Specific User To read And Write And all other User only read?

Time:06-05

I Have Created firebase and flutter app and google is sending me emails saying firebase rules are not good. How do I make those rules better? I want to give permission to login users to read and my account to read and write permission.

CodePudding user response:

I hope that will help you.

service cloud.firestore {
  match /databases/{database}/documents {
    // Make sure the uid of the requesting user matches name of the user
    // document. The wildcard expression {userId} makes the userId variable
    // available in rules.
    match /users/{userId} {
      allow read, update, delete: if request.auth != null && request.auth.uid == userId;
      allow create: if request.auth != null;
    }
  }
}

CodePudding user response:

This is a correct way you can secure database.

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    // Line below secure whole database so users are not alowed to create any new collections etc.
    match /{document=**} {
      allow read, write: if false;
    }
    match /app/{dataId} {
      allow read: if true;
      allow write: if isAdmin();
    }
    match /posts/{dataId} {
        allow read: if resource.data.isPublic == true || isAdmin();
        allow write: if isAdmin();
    }
  }
}

function isAdmin() {
    return request.auth.token.admin == true;
}

Users don't have any .admin variables. You have to assign them using firebase functions. Read about custom claims.

Page link:https//www.codepudding.com/os/431034.html

Prev:explorer command doesn't work in pwsh / Windows Powershell after upgrade to Windows 11
Next:how to solve fcm notification response receive failure issue?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding