My question is how can i make this work.
rules_version: "2";
service cloud.firestore { //define used service
match /databases/{databases}/documents { //not a specific database (important)
match /{document == request.auth.token.sub} { //how can this work?
//some more conditions and allows
}
}
}
Users should be able to access a number of databases but all the documents are named after the users UID, which is request.auth.token.sub, or so i think. The UID and the documents name should match. How can I write this in firebase-security-rules-language?
Edit
Here is my working solution:
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow create: if request.auth != null;
}
match /{database}/{userId}/{document=**} {
allow read, update, delete: if request.auth != null &&
request.auth.uid == userId;
}
}
}