2

Is it costly (i.e. roughly how many reads & how much are we charged in $) to have a firestore security like this:

 match /profiles/{document=**} {
   allow create: if request.auth.uid != null
   && (request.resource.data.firstName is string && resource.data.firstName != request.resource.data.firstName)
   && (request.resource.data.lastName is string && resource.data.firstName != request.resource.data.firstName)
  && (request.resource.data.username is string && resource.data.username != request.resource.data.username)
  && (request.resource.data.email is string && resource.data.email != request.resource.data.email)
}
Jek
  • 5,325
  • 6
  • 33
  • 64
  • 1
    You have two distinct questions here that don't overlap at all. Would you please split them up into two questions so that each has a better chance of being answered and accepted independently? Personally, I don't understand your second question. Maybe you should explain what you expect to happen for some example database operations. – Doug Stevenson Dec 20 '18 at 05:02
  • @DougStevenson I have separated them up into 2 questions. Here is the question https://stackoverflow.com/q/53862818/3073280 – Jek Dec 20 '18 at 05:22

1 Answers1

4

According to the documentation, you are billed for get() and exists() requests in your security rules:

Using the get() and exists() functions, your security rules can evaluate incoming requests against other documents in the database.

Continued:

Using these functions executes a read operation in your database, which means you will be billed for reading documents even if your rules reject the request. See Cloud Firestore Pricing for more specific billing information.

So, if your rules don't use get() or exists(), then you don't have additional billing associated with the rules. It appears you are not using either of those functions here, so I would anticipate no additional billing.

Doug Stevenson
  • 268,359
  • 30
  • 341
  • 380