EDIT: This seems to be an open issue in Firestore. Also see this post .
In Google Cloud Firestore, I want to simulate a collection of groups. Each group contains nameits list userand some secretGroupData. For me, the natural way would be:
/groups
/group1 {
name: "Group 1"
users: { //object can be queried, simple array not
"user1": true,
"user5": true
}
secretGroupData: ...
}
/group2 { ... }
For a user like this user1, I want to request all the groups in which he is a member. This request works fine:
groupsRef.where("users.user1", "==", true)
However, I want to protect group data. This query only works when all groups are readable by all users. When I protect a group for reading only by members of the group, as a rule
match /groups/{groupId} {
allow read: if resource.data.users[request.auth.uid] == true;
}
, , , , .
Firestore?
- Firestore
group , , ? , ? group user secretGroupData ,- , (
/users/user1/groupIds: ["group1"]), - ?
.