Home > OS >  Firebase GET request blocked by simple firebase rules
Firebase GET request blocked by simple firebase rules

Time:09-11

I have the following collection group query:

const userInRooms = await firestore()
        .collectionGroup('userRooms')
        .where('uid', '==', authenticatedUser.uid)
        .get();

And it works fine. But since I added security rule:

match /rooms/{docId} {
      allow read;
      allow write;
      match /userRooms/{docId} {
        allow read;
        allow write;
      }
    }

userRooms is subcollection in rooms.
It stopped working and I getting:

NativeFirebaseError: [firestore/permission-denied] The caller does not have permission to execute the specified operation.

CodePudding user response:

Cascading the sub-collections rules that way doesn't work for collection group queries. A recursive wildcard must be present at the beginning of the path so it'll match any collections with that name. Try:

match /rooms/{docId} {
  //...
}

match /{path=**}/userRooms/{docId} {
  allow read, write: if true;
}

Do change the rules as required instead of allowing everyone to read the database (unless they are allowed to).

Page link:https//www.codepudding.com/os/540685.html

Prev:Remove all elements in an array that contain a certain character
Next:why is it not adding second index element to the currrentText
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding