Firestore
Firestore
Note
Firestore can use directly from GCP but there is extra features if you use in Firebase
Rules
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /Users/{document} {
allow create:
if request.auth.uid == document
&& request.resource.data.keys().hasAll(["name", "nick", "created_at"])
&& request.resource.data.keys().hasOnly(["name", "nick", "created_at"]);
allow read: if request.auth.uid == document;
allow update:
if request.auth.uid == document
&& (request.resource.data.diff(resource.data).affectedKeys()
.hasOnly(["name", "nick"]));
allow delete: if request.auth.uid == document;
}
}
}
Rules example for subscriptions
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
function hasBasicSubs() {
return request.auth.token.stripeRole == "basic";
}
function hasPremiumSubs() {
return request.auth.token.stripeRole == "premium";
}
match /content-basic/{doc} {
allow read: if hasBasicSubs() || hasPremiumSubs();
}
match /content-premium/{doc} {
allow read: if hasPremiumSubs();
}
match /customers/{uid} {
allow read: if request.auth.uid == uid;
match /checkout_sessions/{id} {
allow read, write: if request.auth.uid == uid;
}
match /subscriptions/{id} {
allow read: if request.auth.uid == uid;
}
}
match /products/{id} {
allow read: if true;
allow write: if false;
match /prices/{id} {
allow read: if true;
allow write: if false;
}
}
}
}
Tip
Is allways a good idea manage the rules from code and store in a git repo and deploy with firebase cli
firebase init
firebase deploy