Search code examples
fluttergoogle-cloud-firestorefirebase-security

Flutter Firestore permission denied despite the rule

My rules are as follows:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
  

     match /classifiedAds/{uid}/{document=**} {
       allow read, create: if true; 
       allow update, delete: if request.auth.uid == document.ownerId;  
    }

When I update a document, I get:

I/flutter (32578): [cloud_firestore/permission-denied] The caller does not have permission to execute the specified operation.

This puzzles me because I've checked that the auth user did matches the ownerId property of the document.

Solution

  • Ok, my bad. You can refer to the document property thru resource.data.<property>:

    rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
  

     match /classifiedAds/{uid}/{document=**} {
       allow read, create: if true; 
       allow update, delete: if request.auth.uid == request.data.ownerId;  
    }