How to check if attribute matches in an array of maps
Previously, I had the following rule:
allow read: if request.auth.token.email in resource.data.shareWith;
Now, that the data structure changed and shareWith is no longer an array of email addresses, but an array of maps, how can I adapt this rule accordingly?
This is how the DB looks like now:
shareWith: [ { email, phone }, { email, phone }, ... ]
Solution
Checking whether an item is in an array in Firestore (both its query API and its security rules) requires that you specify the full item. There is no way to check for a partial match.
The common workaround is to add an additional array field to each document with just the values that you want to check/query for. So in your case, that'd be:
shareWithEmails: ["email1", "email2"]
And then your security rule would be:
allow read: if request.auth.token.email in resource.data.shareWithEmails;
Also see:
- How to use array-contains operator with an array of objects in Firestore? (about queries in code, but the same applies there)
- Always same error Firebase API called outside injection context
- How to check if attribute matches in an array of maps
- Firestore missing or insufficient permission firebase-rest-api Python
- Problem with Firestore Timestamp and Google Cloud Functions (date.toDate() is not a function)
- How to remove a nested property from an object in Firestore
- Firebase cloud firestore not working in flutter
- Can you save attributed strings to Cloud Firestore?
- Is It Safe to Use stream() Inside a Firestore Transaction in Python?
- Firebase Firestore timestamp not allowed inside array
- The return type 'StreamBuilder<dynamic>' isn't a 'QuerySnapshot<Object?>',
- How to delete Firestore document when a user closes the web page
- Parse error Unexpected token '�' at 1:1 ��{ on flutter app when running firebase deploy
- Firestore Security Rules: Getting all docs with field-specific "where"-query
- Firebase Cloud Functions: Document deletion not working properly and execution timing issues
- Getting Error Code 400 ( Bad Request ) when trying to add a document in firebase firestore
- Nested Firestore Security Rule For Write Access Not Working
- ionic 7 with firebase on android fails to connect with firestore
- Convert date object to Firestore timestamp
- Writing data to a child node in Firestore
- Firebstore rules - Check SubCollection exist
- How can I model a many-to-many relationship in Firestore without exceeding the document size limit?
- How to properly render firestore retrieved data stored inside pinia?
- How to get Key from firebase database in android
- Firestore security rules error: [code=permission-denied]: Null value error. for 'list'
- Firestore runTransaction takes multiple minutes
- Firebase + Stripe: How do I check if a particular user has a paid subscription?
- Can't get Firestore Rules get() to work inside a function
- Query to iterate over array of maps in Firestore (web)
- Does Firebase security rules language support variable prop name?
- Google cloud function deployment causes outage?