My firestore sucurity rule for getting multiple documents doesn't work
Question
I have this rule
allow read: if request.auth.uid == resource.data.author
and it doesn't allow me to get multiple documents with getDocs.
But it allows to get a document with getDoc.
PS: I used this to retrieve the documents
const col = collection(db, collectionPath)
const documents = await getDocs(col)
and got this error
FirebaseError: Missing or insufficient permissions.
but this worked
const col = collection(db, collectionPath)
const document = await getDoc(doc(col,documentID))
1 answers
solution1
2 ACCPTED 2023-01-14 15:34:49
You're confusing security rules with filters . The security rule in your question will only let through queries where all documents satisfy the rule, so if you try to get the entire collection using getDocs(collection) , it won't return anything.
Instead, try querying your database using your Author field, like the method in this answer , which uses whereEqualTo() to filter results by field:
const col = firestore.collection(db, collectionPath).whereEqualTo("author", author)
const documents = await getDocs(col)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.