-
Notifications
You must be signed in to change notification settings - Fork 461
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Firestore and Realtime Database administration and grants #80
Comments
functions/db/admins/onWrite.f.js:
functions/db/userGrants/onWrite.f.js:
I added the above for now to duplicate privilege changes from the RDB into Firestore. It seems to be working in case anyone else is stumped by the issue. |
Hi @linusmartensson there should be a sync from RTD to Firestore. We do it the same in our company. |
omg it seems I frogot to put the sync in the demo -.- |
Updated the project to have integrated sync of admins and grants to firestore. Also to sync admins and grants with "storage" in it's name to the custom auth tokens. Because you can't access RTD and Firestore on the storage rules the only solution is to do it over those custom tokens. Sync of all of them would not fit so we sync only those witch have "storage" in they're name. |
The way the firestore example rules in firebase/firestore.rules are written, they look for grants and administrative privileges to access and modify data:
However, this data is stored by RMW in the Realtime Database, not Firestore, and it does not seem to be legal to access the RDB from Firestore since I'm getting permission failures when using the provided functions.
I obviously can't just do client-side security and leave Firestore open to anyone, so how can I use the provided grant and isAdmin functionality? Do I need to duplicate grants and administrators on changes using firebase functions, or have I missed something?
The text was updated successfully, but these errors were encountered: