Ad

Accessing Field In Document Of Firestore Rule Is Not Working

I am writing Firestore rules for an android app I'm currently developing. I am having trouble writing security rules. I want to have a collection of editors where each document is named after a userId and stores the role of that userId in itself.

The path to the document for each editor is users/(userId of owner's data being accessed)/editors/(userId of accessing user). The field that contains the role is "Role" and currently the only role is "Owner". Thus it is shown in the database as Role: "Owner".

match /users/{userId} {
    allow read, write: if getUserData().Role == "Owner";   
}

function isSignedIn() {
    return request.auth != null;
}

function getUserData()
{
    return get(/databases/$(database)/documents/users/$(userId)/editors/$(request.auth.uid)).data;
}

Simulated read and writes are currently being denied.

Ad

Answer

Given how your functions are scoped, you'll have to pass userId into the call to getUserData:

match /users/{userId} {
    allow read, write: if getUserData(userId).Role == "Owner";   
}

function isSignedIn() {
    return request.auth != null;
}

function getUserData(userId)
{
    return get(/databases/$(database)/documents/users/$(userId)/editors/$(request.auth.uid)).data;
}
Ad
source: stackoverflow.com
Ad