发表新帖
发表新帖

Configure the firestore security rules to allow users to only access their own data - efficiently

后端 未结
关注
4 1812
庸人自扰
庸人自扰 2021-02-16 00:01

Using firestore with angularfire2 rc 2.

All is working very nicely in development with no effective security rules.

These are the no security rules - where the cli

4条回答
  • 小鲜肉
    小鲜肉 (楼主)
    2021-02-16 00:48

    In my case, I needed the permissions for creating the user as well so the other solutions did not work for me. I had to also allow access to /users/{userId}. Here is my code:

    service cloud.firestore {
  match /databases/{database}/documents {
    match /users/{userId} {
      allow read, write: if request.auth.uid == userId;
      match /{allSubcollections=**} {
        allow read, write: if request.auth.uid == userId;
      }
    }
  }
}

    0 讨论(0)
 看不清?
提交回复
热议问题