Firestore Security Rules - checking a document fie

2019-07-23 15:07发布

When querying for a collection of documents and using a security rule to check a field on a document to allow a read, I get:

"Uncaught Error in onSnapshot: Error: Missing or insufficient permissions."

My query:

firebase.firestore().collection('photos').where('event', '==', eventId).orderBy('uploadedAt', "desc").limit(11)
.onSnapshot((photoBatch) => {
  let photos = []
  photoBatch.docs.forEach(doc => {
    let photo = doc.data()
    photo.id = doc.id
    photos.push(photo) 
  });
  return = photos
})

My rule:

match /databases/{database}/documents {
  match /photos/{photo} {
    allow read: if resource.data.privatePhoto == false
  }
}

All the documents returned from this query do have the field

privatePhoto: false

Is there something about returning multiple documents that prevents checking on individual document fields?

0条回答
登录 后发表回答