1
Hello, I’m studying how the firestore security rules work and I came across the following situation.
I have a collection called: "restaurants" with three documents "uid1, uid2 and uid3". That’s where a question arose.
1 - Is there any way to ensure that only Admin can list all these restaurants?
2 - how to ensure that only the restaurant with "uid1" can update its own data and not modify the other restaurants?
1
Yes there is, you must report directly to Rules on your firebase console.
by default your Rules should come like this:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if true;
}
}
}
you can edit manually or...
-go to the test laboratory option
place the path to your collection restaurantes, scrolling further down you will get the UID field. Add the user you want to have access to this location
NOTE: you can get this UID, directly in the panel autenticação from your Firebase, search for the user you want and copy the UID.
This is the simplest way to make this configuration.
-2
If I am not mistaken, the rules have the option to publish the reading and writing in the bank, being able to change individually each one. I just don’t know if it’s possible to do this for each individual document.
Browser other questions tagged android firebase-database firestore
You are not signed in. Login or sign up in order to post.