I am struggling to write a firebase rule that is checking the user id that is stored in a document. Hardcoding a given value as a string works
allow write: if request.auth.uid == 'user-id-hardcoded';
,however I am unable to find a way to dynamically address it. I am left with the impression it's due to the hyphen in the document field after checking this question - Firebase security rules : How can I use dashes or hyphen in paths?. I also tried to substitute user-id with userId to no avail.
allow write: if request.auth.uid == resource.data.user-id;
Any help will be appreciated.
If your field name in document contains a hyphen then use the brackets notation instead:
allow write: if request.auth.uid == resource.data["user-id"];