
Need advice for data structure and security rules

kk_
Bronze 1

Hi,

I am a newbie in Cloud Firestore and am trying to find the optimal design for the following case.

I have 5 entities:

  1. Resellers (which can have a parent reseller, with the parent reseller_id in their document)
  2. Customers (who belong to a reseller and will have reseller_id in their document)
  3. Users (who are related to a single customer or reseller and actually log in to the app)
  4. Devices (belong to a customer)
  5. HistoryData (this collection has the device id, a timestamp and some other data stored)

The only limitation I have is that HistoryData can contain only the device_id as a link to other entities, because it will be sent by a real device which will have this value hard-coded in the hardware, will log in with an account and will have only write access on that collection.

For the rest of the entities, I do not mind if they are all different collections or subcollections.
What I need to achieve is that the following should have read access to HistoryData records:

  • any user of the customer the device belongs to
  • any user of the reseller that the device's customer is linked to
  • the admin users (that's me)

I believe that it would be possible to write a rule that from HistoryData would get the device_id, find the customer it belongs to and collect its users, then get the customer's reseller and collect its users, and finally check if the reader belongs to one of them.
But it really sounds like a very bad design. So, I am asking for advice if there is a better way to achieve that.
Special thanks to whoever has the kindness and the willingness to provide advice.

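The lookup chain described in the question, written out as Firestore security rules; this is an added example, not part of the original thread. It assumes top-level `users`, `customers` and `devices` collections, user documents keyed by auth UID, a `customer_id` field on devices and users, a `reseller_id` field on users, and an `admin` boolean on users; only `device_id` and the customer's `reseller_id` come from the post.

```firestore-rules
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    // Fetch a document's fields. Every call is a billed read and counts
    // toward the per-request document access limit of the rules engine.
    // A missing document makes the rule error out, which denies access.
    function docData(coll, id) {
      return get(/databases/$(database)/documents/$(coll)/$(id)).data;
    }

    // Instead of collecting all users of the customer and reseller, check
    // the one user making the request against the device's owners.
    function canReadHistory(deviceId) {
      let user = docData('users', request.auth.uid);        // assumed layout
      let customerId = docData('devices', deviceId).customer_id;
      return user.get('admin', false) == true
        || user.get('customer_id', null) == customerId
        || (user.get('reseller_id', null) != null
            && user.get('reseller_id', null)
               == docData('customers', customerId).reseller_id);
    }

    match /HistoryData/{entryId} {
      // device_id is the only link stored on a history record.
      allow read: if request.auth != null
                  && canReadHistory(resource.data.device_id);
      // The write rule for the device account is left out here.
    }
  }
}
```

Only the customer's direct reseller is checked; parent resellers are not walked. Because rules are not filters, a list query over `HistoryData` is evaluated per returned document, so the lookups repeat for each one.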

Hello KK,

Thank you for posting this here. I believe the Google Cloud Community is intended to answer more general questions regarding the Google Cloud Platform. To suggest a better solution for your use case, I believe the best place to get help for this issue is likely to be Stack Overflow, including the proper tag [google-cloud-firestore] on it. This will allow more users to reach the post and could be helpful for you to find some better solutions.

For more information about the data structure in Firestore, this documentation might be helpful for your use case. Also, security rules V2 might be useful when you are trying to restrict some documents from access.

I hope it helps.