firebasegoogle-cloud-firestorefirebase-authenticationfirebase-security
How to monitor Firestore rules errors?
I just found out that 10% of my Firestore requests go in error:
These are my rules:
service cloud.firestore {
match /databases/{database}/documents {
match /notifications/{notification} {
allow read, delete: if request.auth.uid == resource.data.authUID;
allow create, update: if request.auth.uid == request.resource.data.authUID;
}
match /various/{doc} {
allow read, write: if request.auth != null;
}
}
}
How can I monitor which are these errors?
Or can you see anything particularly wrong in the rules definitions, which can cause errors?
UPDATE:
I have modified the rules according to what @Mises said, but I still get the errors:
service cloud.firestore {
match /databases/{database}/documents {
match /notifications/{notification} {
allow read, delete, update: if request.auth != null && resource.data != null && request.auth.uid == resource.data.authUID;
allow create: if request.auth != null && request.auth.uid == request.resource.data.authUID;
}
match /various/{doc} {
allow read, write: if request.auth != null;
}
}
}
Solution
Firebase console only provides an at-a-glance view of rules invocations. Is not possible to get error logs about specific parts of your security rules that fail.
You could enable and disable rules at a time to test which one is producing errors using one of these tools:
- Rules playground in the Firebase console.
- Emulator suite and its debug function.