I'm fairly new to Cloud Firestore particularly security roles, but being that they're significantly important I'd rather start the new build of the project surrounding them.
Now as a basic insight, I have a dashboard of which users have to sign in with their email addresses and passwords, of which then they can access data such as regional information. To start off with the security rules, I figured I'd start out simple, and yet as the title states I'm getting:
Error: Missing or insufficient permissions
I've looked at https://firebase.google.com/docs/firestore/solutions/role-based-access
service cloud.firestore {
match /databases/{database}/documents {
match /regions/{region} {
function isSignedIn() {
return request.auth != null;
}
function getRole(rsc) {
// Read from the "roles" map in the resource (rsc).
return rsc.data.roles[request.auth.uid];
}
function isOneOfRoles(rsc, array) {
// Determine if the user is one of an array of roles
return isSignedIn() && (getRole(rsc) in array);
}
// Any role can read regions.
allow read: if isOneOfRoles(resource, ['owner', 'writer', 'commenter', 'reader']);
}
}
}
I have a collection of regions and each region has a title, along with a roles map having for example:
roles: {
(uid): "owner",
(uid2): "writer",
(uid3): "reader",
}
Thanks for your help, I feel like I'm missing something real simple. The check for isSignedIn()
works, but the check of roles does not.
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…