I'm having an error when writing a security rule that verifies if the requestor can make an action. By I'm getting:
Invalid variable name: request.
Here is my code:
rules_version = '2';
service cloud.firestore {
// Check if user is authenticated
function isAuthenticated() {
return request.auth != null;
}
match /databases/{database}/documents {
function isUserCompanyAdmin(companyID) {
return isAuthenticated() &&
request.auth.token.role == 'admin' && request.auth.token.companyID == companyID;
}
match /companies/{companyId} {
allow read, write, update, delete, create, get: if isUserCompanyAdmin(companyId);
}
}
}
What's wrong?
Thanks
If I recall correctly, request is only available inside match clauses. So you can either pass request to the function - or move it into a match clause.