2

Consider the role-based access solution. The following constraints hold:

  1. stories are not public
  2. stories can be read by the story creator
  3. stories can be read by users who the stories have been shared with

Given the constraints, how does one share or add collaborators to a story, given that Alice knows Bob's email but she doesn't know his UID or if he's used the story app?

All the documentation for scope limitation bases rules and queries on the UID, but as that information is not publicly available, I'm struggling to see how that UID ever gets added to a document without implying:

  1. the document is only read by the creator
  2. the document is public which defeats the purpose of adding a UID to constrain access

My initial thought was to use an email address key, but that didn't work. SO issue

ralphinator80

1 Answer

2

I solved this by utilizing two cloud functions. In the client, I just add the known information, which is the email address. Then, I utilize a function to update all relevant documents, replacing the email address with the user's UID.

One cloud function triggers when a user is created. This addresses the case when the user has never used or logged into the app.

Trigger a function on user creation

The second cloud function updates the document on change. This addresses the case when a user is already a user of the app and has a valid UID.

Trigger a function when a document is updated

robinmitra
ralphinator80
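The email-to-UID replacement performed by the two triggers in the answer above, reduced to its core logic as an added example (not code from the answer). The field names `readers` and `pendingEmails`, the `lookupUser` helper and the `emailVerified` check are assumptions made for illustration.

```javascript
// Added example. Field names (ownerUid, readers, pendingEmails) are hypothetical.
const normalizeEmail = (e) => String(e).trim().toLowerCase();

// Document-updated case: swap pending emails for UIDs of users that already exist.
// lookupUser(email) is an assumed wrapper around admin.auth().getUserByEmail(email)
// that returns { uid, emailVerified } or null when no account exists.
function resolvePendingEmails(story, lookupUser) {
  const readers = new Set(story.readers || []);
  const pending = [];
  for (const raw of story.pendingEmails || []) {
    const email = normalizeEmail(raw);
    const user = lookupUser(email);
    // Assumption: only a verified address proves the account belongs to the invitee.
    if (user && user.emailVerified) readers.add(user.uid);
    else if (!pending.includes(email)) pending.push(email);
  }
  return { ...story, readers: [...readers], pendingEmails: pending };
}

// User-created case: claim every story that was shared with the new user's email.
// Other pending emails are left in place for their own owners to claim later.
function claimStoriesForNewUser(stories, user) {
  if (!user.email || !user.emailVerified) return stories;
  const email = normalizeEmail(user.email);
  return stories.map((s) => resolvePendingEmails(s, (e) => (e === email ? user : null)));
}

// Constructed sample data: Alice shares a story with Bob (existing user) and Carol (no account yet).
const sampleUsers = {
  "bob@example.com": { uid: "uid-bob", email: "bob@example.com", emailVerified: true },
};
const sampleStory = {
  ownerUid: "uid-alice",
  readers: [],
  pendingEmails: [" Bob@Example.com", "carol@example.com"],
};
const afterUpdate = resolvePendingEmails(sampleStory, (e) => sampleUsers[e] || null);
console.log(afterUpdate);
```

Because `resolvePendingEmails` is idempotent, an update handler can compare its result with the stored document and skip the write when nothing changed, so it does not retrigger itself.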