Menu
I want to give a user the right to update a document. But ONLY if the user updates one specific field of this document. All other fields shouldn't be changed by this user.
Is this possible in firestore?
I tried something like this:
function isUpdateToOpenField(attr) {
return attr == get(/databases/$(database)/documents/stores/$(store)).data.open;
}
allow update: if isUpdateToOpenField(request.resource.data);
But I don't know how to compare if the update corresponds to the right field.
445
Map diffs in the Rules language were introduced to solve this:
function isUpdateToOpenField() {
return request.resource.data.diff(resource.data).affectedKeys().hasOnly(['open']);
}
allow update: if isUpdateToOpenField();
Update: Instead of writeFields, you can now use Map.diff()
Check out the writeFields variable for security rules:
allow update: if ((request.writeFields.size() == 1) && ('open' in request.writeFields));
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
