Welcome to the CSC Q&A, on our server named in honor of Ada Lovelace. Write great code! Get help and give help!
It is our choices... that show what we truly are, far more than our abilities.

Categories

+7 votes

I need to have a way to modify my data in the database without opening it to everyone. I tried doing the https://firebase.google.com/docs/admin/setup?authuser=1 where I downloaded the .json file and everything and set my rules to:

match /{document=**
  allow read, write: if request.auth.uid == 'admin';` 

but it's still won't work saying insufficient privilege's. I know my firebase is set up correctly because when I change the rules to allows everyone read and write it works.

asked in CSC490_Spring202021 by (1 point)

1 Answer

+1 vote

The following Firestore rule checks that the request being made to your database contains a uid

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: request.auth.uid != null;
    }
  }
}

Or if you want to check if the role of user is 'admin'

match /users/{userRole} {
   allow read: if userRole ==  'admin';
}
answered by (1 point)
+1

That didn't seem to work for my file. I think I have more of a issue with the local code then the rules on the firebase it self. Meaning when my users make a request to the database for the data I don't pass credentials that match the firebase rules.

...