Missing or insufficient permissions when writing to Firestore using field in access rules

Question

I am getting an error when attempting to write to Firestore.

I am attempting to use a field containing the user uid for my security rule.

service cloud.f         


        

Answer 1

This question and the accepted answer were very useful for me. I ended up using a slightly different set of rules which I'll share here incase someone else finds them useful.

Like the OP, I store a user ID (uid) with my resources. However, when I want to create a new resource, there's no uid yet. Using an example in the documentation I ended up with security rules that look like this:

service cloud.firestore {
  match /databases/{database}/documents {
    match /messages/{document=**} {
      allow read, update, delete: if request.auth.uid == resource.data.uid;
      allow create: if request.auth.uid != null;
    }
  }
}