I realised I’d messed up by not paying attention to the security rules, figuring I’d do them later. Now that I’m going back after making everything else, I’m quite confused as to how it works not sure what the technical words and labels actually mean. I’ve got somewhat of a clue of using the security settings to allow read and write for all authorised users but I wouldn’t want a user to be able to read everyone else’s data as well.
Thank you Harri, looking forward to reading it.
I’ve actually been looking at it more today and I think now understand setting up the Firestore Security rules but I’m having a problem with the appgyver side of things.
this is the firestore security rules I’ve implemented:
rules_version = ‘2’;
service cloud.firestore {
match /databases/{database}/documents {
match /test/{test=**} {
allow read: if request.auth.token.email_verified && request.resource.data.uid == request.auth.uid ;
allow write: if request.auth.token.email_verified ;
}
}
}
and I’ve set up a http POST request like so to check if it works:
The http request doesn’t go through but it also doesn’t give me an error message either. I’ve checked using a toast as well as saving the negative output of the http to a page variable which I checked in the debugger and it still remains empty.
nvm i’ve got it now (so far), whilst I can’t get it to work with a http request, the pre-installed requests under “Data” work fine. nonetheless I look forward to the upcoming documentation
