Firestore rules map for object

Question

I'm having a collection. Each document have an object readers which will store the uid of people who will have access to the documents. It could be one or many user that can access to a document

I'm using angular firebase

constructor(private afAuth: AngularFireAuth, private afs: AngularFirestore) { 
    this.afAuth.authState.subscribe(auth => {
      this.users = afs.collection<User>('users', ref => ref.where('readers.' + auth.uid, '==', true)).valueChanges();
    });
  }

If I user the rule allow all read, my page will show the correct entries

match /users/{userId=**} {
      allow read, write;
    }

If I add in the rule to filter using uid I get the error Missing or insufficient permissions.

match /users/{userId=**} {
      allow read, write: if resource.data.readers[request.auth.uid] == true ||
                        resource.readers[request.auth.uid] == true;
    }

Appreciate any help on what did I do wrong for the rules. Thanks in advance.

i think you need to put a . inside if resource.data.readers.[request.auth.uid] == true like this — Hareesh
ok in the docs they used $(request.auth.uid) to get the value. try if resource.data.readers[$(request.auth.uid)] == true — Hareesh
resource.data.readers[$(request.auth.uid)] returns syntax error Combing through the docs I saw that it should be resource.data.readers[(request.auth.uid)]. Tried that and it didn't work as well. if resource.data.readers[(request.auth.uid)] == true and if resource.data.readers[(request.auth.uid)] != null — William
Looks like resource.readers[request.auth.uid] == true is working now — forcelain

Manuel Bauer Manuel Bauer · Accepted Answer · 2017-10-23T14:06:10

Have you tried changing your rules on database-rules to auth=null?

{
  "rules": {
    ".read": "auth == null",
    ".write": "auth == null"
  }
}

Firestore rules map for object

1 Answers