I have a problem with rules that I can not solve, I have built a project, that users can register, and when they register I want to give them permission. Something like the firebase auth. (I do not want to use auth within rules).
Every time a user logs in to my project, I update the database in the isOnline field, to true.
I have firestore users, and each user has a boolean field isOnline, for example in the image I added:
I have a collection of users, inside I have the names of the users, and inside I have a field of isOnline.
Here in the picture, frontend4 user isOnline's field is true, so for him I will give permission to use the site.
If the field isOnline come true, it means the user is logged in
This is the rules I'm trying to do, I want to access my user's isOnline, and check if it's isOnline, and if so, then give it access.
The rules I made do not work, I do not quite understand why.
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if false;
}
// Allow the user to read data if the document has the 'isOnline' to true
match /users/{itemId} {
match /{document=**} {
allow read, write: if resource.data.isOnline == true;
}
}
}
}
I want my rules to work like auth, but I refuse to use auth as it is, and want to use my way.
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth != null;
}
}
}
My goal is to give the logged in user permissions, without the use of auth, but with the isOnline field
from Give permission in rules, only to those who are connected to my project
No comments:
Post a Comment