0

I have a database on Cloud Firestore with a collection users. Each user has write access to their own user document, but that user document also contains data such as isAdmin. How can I restrict the isAdmin field to be read-only, while giving them write access to other fields?

Thanks

Doug Stevenson
  • 297,357
  • 32
  • 422
  • 441
codecubed
  • 780
  • 7
  • 8
  • You can't. Either someone can read and entire document, or they can't read it at all. You will have to split the document into two, in different collections, and give each collection different permissions. – Doug Stevenson Jun 17 '20 at 23:53
  • A way to get around this is by having another collection of Admin Users that only admins can edit – Ben Winding Jun 17 '20 at 23:55
  • Well you can.... Just write in your rule that the field "isadmin"should not be changed: request.resource.data.isAdmin == resource.data.isAdmin – l1b3rty Jun 18 '20 at 11:18

0 Answers0