Firestore security rule get() not work

I contacted to the Firebase support to report that bug and they gave me a temporary solution on this. It seems that they are having a bug in their systems on the security rules side. They say that the documentation is ok, but for now we should workaround this way:

get(path).data.field == true || get(path).field == true;

Because the bug is that data object isn't populated, you should check both properties. There's no ETA for launching a solution on this bug, so I asked they if they could give me an advice when they solved this issue, so I'll keep this answer up-to-date with their information.

So the way I've solved it is I've created another Collection Called admins

Then I've just added the uid of the user I needed there as such - Here is my database structure - https://i.imgur.com/RFxrKYT.png

And here is the rules

service cloud.firestore {
  match /databases/{database}/documents {

    function isAdmin() {
      return exists(/databases/$(database)/documents/admins/$(request.auth.uid));
    }

    match /tasks/{anyTask} {
    allow read: if request.auth != null;
      allow create: if request.auth != null;
      allow update: if request.auth != null && isAdmin();
      allow delete: if request.auth != null && isAdmin();
    }
  }
}

You can view my full Open Source project here: https://github.com/metaburn/doocrate

Firestore security rule get() not work

Tags:

Firebase

Firebase Security

Google Cloud Firestore

Related

Recent Posts