Skip to main content

Hi,

 

I was looking at sending customer information to firebase as described here.

 

https://docs.revenuecat.com/docs/firebase-integration

 

There are example security rules here

 

rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /${param:REVENUECAT_CUSTOMERS_COLLECTION}/{uid} {
allow read: if request.auth.uid == uid;
}

match /${param:REVENUECAT_EVENTS_COLLECTION}/{id} {
allow read: if request.auth.uid == resource.app_user_id
}
}
}

 

Are these security rules meant to be copy/pasted directly into firebase? They flag up some syntax errors when I try to and I’m not sure how they are supposed to be changed. I think the “${param:REVENUECAT_EVENTS_COLLECTION}” is the problematic part.

Same problem here, any solution?


I figured  it out.

 

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /customers/{uid} {
      allow read: if request.auth.uid == uid;
    }
    match /events/{id} {
      allow read: if request.auth.uid == resource.app_user_id
    }  
  }
}

 

Go to revenuecat extension in firebase and reconfigure it.

 

RevenueCat Webhook Events Firestore collection (Optional) Description

enter "events"

 

Location of the customers collection (Optional) Description

enter "customers"
 
Lastly enable events as you want and save it.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Placeholders such as this one will be replaced to correct collection names after you configure Cloud Firestore Extension; look at the documentation at Cloud Firestore Extension page (inside Firebase Console, link is called “How this extension works”) instead of RevenueCat website page or GitHub; this is just placeholder:

${param:REVENUECAT_CUSTOMERS_COLLECTION}


For example, if you configure “customers collection” as “rc_collection” (when you configure this extension in Firebase Console) generated documentation page will show this

​​​​​

rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /rc_customers/{uid} {
allow read: if request.auth.uid == uid;
}

match /rc_events/{id} {
allow read: if request.auth.uid == resource.app_user_id
}
}
}

 


Reply