javascript reactjs google-cloud-firestore firebase-security

Denied permission by Firebase

I work with Firebase and for my Firestore Database I created the rules:

// Budgets
match /budgets/{budget} {
    allow read: if request.auth != null;
  allow update, delete, create: if request.auth != null && request.auth.uid == request.resource.data.userId;
}

Somehow Firebase allows me to create a budget. But unfortunately when I try to delete created budget I receive error:

FirebaseError: [code=permission-denied]: Missing or insufficient permissions.

Code for deleting a budget:

async function deleteBudget({ id }) {
    try {
        const budgetToDeleteQuery = query(collection(db, 'budgets'), where('id', '==', id), where('userId', '==', currentUser?.uid));
        const budgetToDeleteData = await getDocs(budgetToDeleteQuery);
        const budgetToDelete = doc(db, 'budgets', budgetToDeleteData.docs[0].id);
        await deleteDoc(budgetToDelete);
    } catch (error) {
        alert(error);
    }
    // setBudgets(prevState => prevState.filter(item => item.id !== id));
}

Can anyone tell me what's the problem here?

Solution

To delete, use resource because it is the document before the operation takes place, which in this case is the budget you want to delete.

Check the code below.

 // Budgets
 match /budgets/{budget} {
       allow read: if request.auth != null;
       allow update, create: if request.auth != null && request.auth.uid == request.resource.data.userId;
       allow delete: if request.auth.uid == resource.data.userId
    }