google-cloud-firestore firebase-security

Firestore Security Rules: Passing a request parameter in a get() call?

I would want to be able to differentiate a get() call in my app from the others.

In Security Rules, I've written in the read rule:

request.resource.data.sign_look == true

So I would want to be able to write a get call sending the true boolean sign_look in order to allow it.

Is it possible? I know it's easy to do with rules like write since indeed there are data in the request, but such data don't seem to be present in get calls.

Solution

There is no way to pass an arbitrary parameter to security rules.

The two options you have:

Pass the value as part of the path that you're reading/writing.
Store the value in a custom claim for the user, and then use that in your security rules.

Also see:

Can I send value with request to Firestore rules