
Send Customer Information to Firebase - Security Rules

Badge +1



I was looking at sending customer information to firebase as described here.


There are example security rules here


rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
allow read: if request.auth.uid == uid;

allow read: if request.auth.uid == resource.app_user_id


Are these security rules meant to be copy/pasted directly into firebase? They flag up some syntax errors when I try to and I’m not sure how they are supposed to be changed. I think the “${param:REVENUECAT_EVENTS_COLLECTION}” is the problematic part.

3 replies

Badge +6

Placeholders such as this one will be replaced to correct collection names after you configure Cloud Firestore Extension; look at the documentation at Cloud Firestore Extension page (inside Firebase Console, link is called “How this extension works”) instead of RevenueCat website page or GitHub; this is just placeholder:


For example, if you configure “customers collection” as “rc_collection” (when you configure this extension in Firebase Console) generated documentation page will show this


rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /rc_customers/{uid} {
allow read: if request.auth.uid == uid;

match /rc_events/{id} {
allow read: if request.auth.uid == resource.app_user_id


Badge +5

I figured  it out.


rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /customers/{uid} {
      allow read: if request.auth.uid == uid;
    match /events/{id} {
      allow read: if request.auth.uid == resource.app_user_id


Go to revenuecat extension in firebase and reconfigure it.


RevenueCat Webhook Events Firestore collection (Optional) Description

enter "events"


Location of the customers collection (Optional) Description

enter "customers"
Lastly enable events as you want and save it.
Badge +5

Same problem here, any solution?
