Why are my phone authentication security rules not working?


I'm using Firestore and my security rules are not working! I want to access the database based on the logged-in user. My structure looks like this: user/userid/user's collections. Logged-in users are only allowed to access their own data: /userId/their own data.

My security rule:

    rules_version = '2';
    service cloud.firestore {
      match /databases/{database}/documents {
        // A user's own document: the signed-in uid must equal the document ID.
        match /user/{userId} {
          allow read, write: if request.auth.uid == userId;
          // Everything nested under that user's document.
          match /{subCollections=**} {
            allow read, write: if request.auth.uid == userId;
          }
        }
      }
    }

NOTE: This same code structure works fine with email and password authentication but is not working with phone auth.


Solution

  • Problem solved! I contacted Firebase support, and they told me that the error I'm getting in the simulation is because the ID is not being matched with the requested ID; this is obvious. So my mistake was that I'm using a wildcard in the path area like user/{userId} instead of user/randomId324234.... and now it is working as expected.
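
A simplified model of the mismatch described in the answer above, added here as an example (not code from the post or from Firebase): it binds `{userId}` from a requested path and applies the rule's `request.auth.uid == userId` check. `matchPath`, `isAllowed` and the uids are hypothetical names, and the model assumes the simulator treats the typed path as literal text.

```javascript
// Simplified model of how the rule above binds {userId} from a request path.
// Not the Firestore rules engine; uids and paths are constructed samples.

// Match a document path against a pattern such as "user/{userId}/{rest=**}".
// Returns the wildcard bindings, or null when the path does not match.
function matchPath(pattern, path) {
  const pat = pattern.split("/").filter(Boolean);
  const seg = path.split("/").filter(Boolean);
  const bound = {};
  for (let i = 0; i < pat.length; i++) {
    const rec = /^\{(\w+)=\*\*\}$/.exec(pat[i]);
    if (rec) {
      // Recursive wildcard (rules_version 2): zero or more remaining segments.
      bound[rec[1]] = seg.slice(i).join("/");
      return bound;
    }
    if (i >= seg.length) return null;
    const one = /^\{(\w+)\}$/.exec(pat[i]);
    if (one) bound[one[1]] = seg[i];          // single-segment wildcard
    else if (pat[i] !== seg[i]) return null;  // literal segment must be equal
  }
  return pat.length === seg.length ? bound : null;
}

// The two match blocks from the rules in the question, flattened.
const PATTERNS = ["user/{userId}", "user/{userId}/{subCollections=**}"];

// Evaluate `request.auth.uid == userId` for a simulated request.
// A missing auth object denies, as an unauthenticated request would.
function isAllowed(auth, path) {
  return PATTERNS.some((p) => {
    const bound = matchPath(p, path);
    return bound !== null && auth !== null && auth.uid === bound.userId;
  });
}

const phoneUser = { uid: "uid-phone-0001" }; // constructed uid, any sign-in provider

// Concrete document ID in the path: userId binds to the uid, so access is allowed.
console.log(isAllowed(phoneUser, "user/uid-phone-0001"));
// Pattern text typed as the path: userId binds to the string "{userId}", so it is denied.
console.log(isAllowed(phoneUser, "user/{userId}"));
```

The check compares only the uid, so the sign-in provider does not enter into it; what matters is that the simulated path carries a concrete document ID equal to the simulated uid.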