1

For my Cloud Function, I would like to be able to access certain parts of Cloud Firestore as a particular user in Firebase Auth. There are security rules in place, which allows users based on their roles linked to their UUID to perform certain actions on the data. However, when creating a Cloud Function, I cannot figure out how to make a request to the database as an authenticated user.

The code here would completely bypass the security rules set in place (thus defeating the purpose):

admin.initializeApp({
  credential: admin.credential.cert({
    projectId: '<PROJECT_ID>',
    clientEmail: 'foo@<PROJECT_ID>.iam.gserviceaccount.com',
    privateKey: '-----BEGIN PRIVATE KEY-----\n<KEY>\n-----END PRIVATE KEY-----\n'
  }),
  databaseURL: 'https://<DATABASE_NAME>.firebaseio.com'
});

My question is how do I perform actions in a Cloud Function as an authenticated user.

Doug Stevenson
  • 297,357
  • 32
  • 422
  • 441
Josh
  • 2,232
  • 3
  • 15
  • 33

2 Answers2

1

Update (02.06.2018)

Nevermind, this appears to only work with Realtime Database.

Original

After a little bit more research, using databaseAuthVariableOverride appears to be what I would like.

You are quite thorough @Doug Stevenson, thank you. (Does Cloud Functions for Firebase respect the realtime database rules?).

Josh
  • 2,232
  • 3
  • 15
  • 33
0

The Admin SDK doesn't provide a way to scope access to Firestore as some authenticated user. If you would like to see this, please file a feature request.

Doug Stevenson
  • 297,357
  • 32
  • 422
  • 441