Firestore security rules: Function [get] called with malformed path
Cloud Firestore Rule
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /admins/{document=**} {
allow read, write: if true;
}
match /{userId}/{document=**} {
allow read, write: if request.auth.uid == userId || get(/databases/$(database)/documents/$(userId)/users/$(request.auth.token.email)).exists;
}
}
}
Details provided in Rules Playground of Cloud Firestore
Simulation type: get
Location: /databases/(default)/documents/cTgy9W6Zt2dShSgqig2ToeYLEzt2/products
Authenticated: True
Authentication Payload
{
"uid": "dQkped8ggvUv6iHfI9kVD7Vrnlf2",
"token": {
"sub": "dQkped8ggvUv6iHfI9kVD7Vrnlf2",
"aud": "undefined",
"email": "[email protected]",
"email_verified": false,
"firebase": {
"sign_in_provider": "password"
}
}
}
Error
Function [get] called with malformed path: /databases/(default)/documents/cTgy9W6Zt2dShSgqig2ToeYLEzt2/users/[email protected]
You need to pass a Document path to the get() method.
As explained in the doc: "The get() and exists() functions both expect fully specified document paths."
With
/databases/$(database)/documents/$(userId)/users/$(request.auth.token.email)
you are actually passing a Collection path (3 elements).
You need to change your data model or add a document in the [email protected] subcollection to point to.
In addition I think you're mixing up the get() and exists() functions.
The get() method returns a rules.firestore.Resource which does not have an exists property.
So doing get(**path**).exists cannot work. You should either use exists() to check if a specific document exists or use get() to check the value of a field of the specific document through the data property.
- Firebase Undefined symbols for architecture x86_64
- FirebaseAuth - Get tokenId in Java backend
- About FIREBASE => Angular , how to read data in FIREBASE when we use Push method to write data
- How to properly create URL Masking for Cloud Functions to create a NEG?
- how to end ng serve or firebase serve
- Firebase App Check Throws 401 Error on iOS Devices
- web - readAsBytes throws Unsupported operation: _Namespace
- Firestore set doc with merge option true or update doc
- How can I send a Firebase Cloud Messaging notification without use the Firebase Console?
- Firebase Functions "cannot determine backend specification"
- Cant access Firebase Admin SDK via Node.js on my VPS, but I can on my local machine
- Firestore get value of Field.increment after update without reading the document data
- Firebase - lacks IAM permission "cloudscheduler.jobs.update"
- Sign In with LinkedIn using OpenID Connect with Firebase Auth or GCP Identity Platform
- facebookAuthCredential.idToken is null in Flutter
- What marks Firebase Cloud Messaging tokens as inactive?
- Limitation to number of documents under one Collection in firebase firestore
- Gradle sync fails when trying to add firebase ml vision image label model
- How to fix wrong node version in `firebase deploy --only functions`
- Get documents from firestore based on timestamp field
- Xcode "Missing package product 'GoogleUtilities_UserDefaults'" after updating to latest package version using SPM
- "flutterfire configure" command won't let me type in a package name
- How to upload dsyms files which developed with Flutter?
- Get multiple response from API in flutter
- PhoneAuthProvider.provider().verifyPhoneNumber hangs on about: blank page after ios firebase-ios-sdk SMS authentication recaptcha flow
- Flutter Android Unable to resolve class GradleException @ line 11, column 15
- Copy a file on firebase storage?
- How to use cloud functions to create a document in Firebase Cloud Storage
- Firebase Storage and Access-Control-Allow-Origin
- Firebase emulator, set test phone sms code