When a user signs up and they initialise their data in firestore, I want to validate that they aren't attempting to set their role (i.e. so they're not setting it to 'admin' for example).
I tried to write this:
match /users/{userId} {
allow create: if (signedInAs(userId) && !request.resource.data.role) || isAdmin();
...
...but I just see "Property role is undefined on object."
Is there a way to do this safely? Or does this mean I should always be initialising expected fields, even if it's just to the empty string? That doesn't seem to quite fit with the philosophy of NoSQL?
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
