Firebase Firestore Query using react-redux-firebase

Question

service cloud.firestore {
  match /databases/{database}/documents {
    match/projects/{project} {
      allow read: if 
       get(/databases/$(database)/documents/projects/$(project)).data.uid == 
       request.auth.uid;
      allow create: if request.auth.uid == request.resource.data.uid;
      allow update, delete: if request.auth.uid == resource.data.uid;
    }
  }
}

here i am doing the queries :

firestoreConnect((props) => { 
  return ([{ collection: 'projects', where: [["uid", "==", props.auth.uid]] }]) 
})

But I am getting an error :

Error with profile listener: Missing or insufficient permissions. Error: Missing or insufficient permissions. at new FirestoreError (index.cjs.js:402).

when i check using simulator entering document id in path i get read access. I am not getting where i am wrong. Maybe in the queries.

When I change the rules to:

allow read : if resource.data.uid == request.auth.uid;

there is no error, and data is displayed.

Why its happening is it bug or i am doing something wrong? I know firebase rules are not filters.

score 1 · Answer 1 · answered Nov 18 '18 at 04:50

You're reading the documents separately (and unnecessarily), and I don't think the rules engine is able to evaluate and validate that the query will never return disallowed documents against this condition.

Try this:

allow read: if resource.data.uid == request.auth.uid;

Firebase Firestore Query using react-redux-firebase

1 Answers1