Firestore: Prevent write/overwrite/update field once it is added

Question

I have a collection in which I am storing user requests in documents having documents ID as user's email. In the document, I am creating fields the key for which is being generated at client side. Now, the problem that I am facing is that user can overwrite the existing field/request in the document if the key matches which I don't want to happen. What I tried was to use this rule which unfortunately does not work

   resource.data.keys().hasAny(request.resource.data.key();

So how can I achieve this?

Below are the screen shot of the firestore data and the current security rules

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

  
    match /roles/{userId}{
        allow read: if isSignedIn() && hasId(userId);
    }
    
    match /requests/{email} {
        allow read, update: if isSignedIn() && hasMail(email)
    }
    //functions//
    function hasMail (email) {
        return request.auth.token.email == email;
    }
    
    function hasId (userId) {
        return request.auth.uid == userId;
    }
    
    function isSignedIn () {
        return request.auth != null;
    }
    

    function getUserRole () {
        return get(/databases/$(database)/documents/roles/$(request.auth.uid)).data.role
    }
    
    
  }
}

Answer 1

You can check if a resource already exists. Here an example:

allow write: if resource == null // Can create, not update

Use that to restrict any edit or update of the data. If you have additional rules you can granulate them to update, delete and create.