I have created a Cloud Firestore database and set up two collections:
Users
whose documents have this data object:
{ userRole: string, userPermissions: Array<string> }
Roles
whose documents have this data object:
{ rolePermissions: Array<string> }
I've added the following rules:
rules_version = '2';
// Firestore security rules for two collections: /users (profile documents whose
// userRole, userPermissions and userActive fields are read below) and /roles
// (documents whose rolePermissions field is read below).
// Every helper function looks up the CALLER's own /users document through
// request.auth.uid; none of them inspects the document being accessed.
service cloud.firestore {
match /databases/{database}/documents {
match /users/{userID} {
//User Profiles
// NOTE(review): read and write are gated only by isUserValid(), which never
// compares request.auth.uid with userID. As written, any active user can read
// and write every user document, including the userRole, userPermissions and
// userActive fields that the /roles write rule relies on for authorization.
// Consider restricting writes to the owner (request.auth.uid == userID) and
// rejecting client-side changes to those three fields unless the caller is an
// administrator, so that privileges cannot be self-assigned.
allow read: if isUserValid();
allow write: if isUserValid();
}
match /roles/{roleID} {
//User Roles
// Role documents are readable by anyone, including unauthenticated clients
// (`if true`). NOTE(review): confirm role definitions are meant to be public.
allow read: if true;
// Writes require an active caller that holds 'ADMIN.ROLES' either directly in
// userPermissions or through the role named by userRole.
allow write: if isUserValid() && (hasUserPermission('ADMIN.ROLES') || hasRolePermission('ADMIN.ROLES'));
}
// True when a /users document exists for the signed-in caller.
// NOTE(review): request.auth is not checked for null before .uid is read. An
// explicit `request.auth != null` guard would make the denial of
// unauthenticated requests intentional rather than a by-product of a failed
// evaluation -- confirm the behaviour in the simulator.
function isExist() {
return exists(/databases/$(database)/documents/users/$(request.auth.uid));
}
// True when the caller has a /users document and its userActive field is true.
function isUserValid() {
return isExist() &&
(get(/databases/$(database)/documents/users/$(request.auth.uid)).data.userActive == true);
}
// True when `permission` is contained in the caller's userPermissions.
// Assumes userPermissions is a list of strings -- verify against the data.
function hasUserPermission(permission) {
let queryPermissions = get(/databases/$(database)/documents/users/$(request.auth.uid)).data.userPermissions;
return permission in queryPermissions;
}
// True when `permission` is contained in rolePermissions of the role document
// named by the caller's userRole field.
// NOTE(review): the second get() path is built from a stored field value. If
// userRole is missing, is not a string, or is not a single valid document ID,
// that path cannot be resolved; check this first when get() reports an invalid
// argument. Because the /users rule lets clients write userRole, this lookup is
// only as trustworthy as that field.
function hasRolePermission(permission) {
let queryRole = get(/databases/$(database)/documents/users/$(request.auth.uid)).data.userRole;
let queryPermissions = get(/databases/$(database)/documents/roles/$(queryRole)).data.rolePermissions;
return permission in queryPermissions;
}
}
}
When I test the rules, this is what happens:
- the function "hasUserPermission(permission)" works properly
- the function "hasRolePermission(permission)" returns an error:
Error: simulator.rules line [38], column [30]. Function not found error: Name: [get].; Error: Invalid argument provided to call. Function: [get], Argument: ["||invalid_argument||"]
Why doesn't it work?
question from:
https://stackoverflow.com/questions/66052930/firestore-rules-nested-get-functions