0
votes

I'm struggling with the Firestore security rules. This is the struct for my users collection and I also have structures for other collections: machines, logs, and photos. I want to set up the rule such that data can be accessed only when the request.auth.uid == user.user_UUID.

I presume my syntax must not be correct in my rule because with what I have below, I'm not able to read or write any data after I log in with my app. Thinking that maybe the brackets around the user_UUID were the problem, I tried changing 'match users/{user_UUID}' to 'match users/user_UUID' but that didn't work. I also tried removing the 'match /{document=**}'.

Each of my collections has a user_UUID field and I want security to protect such that only the respective authenticated user can access that data.

    import Foundation

    struct User: Codable {
        var email: String?
        var userUUID: String?
    }

    service cloud.firestore {
      match /databases/{database}/documents {
        match /{document=**} {
          match /users/{user_UUID} {
            allow read, update, delete: if request.auth != null && request.auth.uid == user_UUID;
            allow create: if request.auth != null;
          }
        }
      }
    }
2
You mention that you have 4 different collections. Can you share the data structure for these? Add it as an edit to the original question. I would also move the answers below to the original question as well and delete if you can. This way the community will be able to help you better. - Andrew
Thanks Andrew! I was able to get it to work. I figured out that I did have to nest my collections into my user collection in order to get the request.auth.uid == userId to work. I see now how that is a much superior structure to how I originally had it with standalone collections for users, machines, logs, photos. - Linus Bicker

2 Answers

0
votes

I think I am seeing my problem. When I create a new authenticated user, in my user collection the UUID is being captured as a field and the documentID of the user itself is getting its own identifier which I'm capturing separately in the user as property userDocumentID.

        let db = Firestore.firestore()
        let usersRef = db.collection("users")

        // document() with no argument generates a random document ID
        let newUser = usersRef.document()
        let docID = newUser.documentID // *** THIS MUST BE WHERE PROBLEM LIES

        let userData = [
            //"date": "",
            "user_UUID": result!.user.uid,
            "userDocumentID": docID,
            "nameLast": lastName,
            "nameFirst": firstName,
            "email": email,
            "unlimited": false,
            "password": password  // plaintext password written to the user document
        ] as [String : Any]

        newUser.setData(userData)

        self.user_UUID = result!.user.uid
    } // closes the enclosing block (not shown)
            
0
votes

I've been doing more reading and am wondering if my database structure is inherently wrong. I have 4 different collections none of which are nested within the other. I am using a key value from each to link them together.

So I have machine.user_UUID to link the document to the correct record.

But I'm seeing that perhaps I should have a path such as user/machines.

Could that be the source of my problems?
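
The two layouts discussed in this thread, written as one ruleset. This is an added example, not code from the question or either answer. It assumes that in layout A the user document is created with the Auth uid as its document ID, and that in layout B the flat collections keep the `user_UUID` field from the question; the `isOwner` helper and the wildcard names are made up for the example.

```firestore-rules
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    // True only for a signed-in caller whose Auth uid equals ownerId.
    function isOwner(ownerId) {
      return request.auth != null && request.auth.uid == ownerId;
    }

    // Layout A (assumption: the user document ID is the Auth uid).
    // {userId} binds the document ID taken from the path, not a field value,
    // so an auto-generated document ID never equals request.auth.uid.
    match /users/{userId} {
      allow read, write: if isOwner(userId);

      // A rule on /users/{userId} does not cover its subcollections;
      // each nested collection needs its own match.
      match /machines/{machineId} {
        allow read, write: if isOwner(userId);
      }
      match /logs/{logId} {
        allow read, write: if isOwner(userId);
      }
      match /photos/{photoId} {
        allow read, write: if isOwner(userId);
      }
    }

    // Layout B: flat collection, ownership taken from the user_UUID field.
    // Repeat this block for /logs and /photos if they stay top-level.
    match /machines/{machineId} {
      // resource.data is the document as currently stored.
      allow read, delete: if isOwner(resource.data.user_UUID);
      // request.resource.data is the document as it would be written.
      allow create: if isOwner(request.resource.data.user_UUID);
      // The owner may edit, but may not reassign the document to another uid.
      allow update: if isOwner(resource.data.user_UUID)
                    && request.resource.data.user_UUID == resource.data.user_UUID;
    }
  }
}
```

With layout B, a client query has to filter on `user_UUID` equal to the caller's uid, because rules reject any query that could return documents the caller is not allowed to read.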