Ad

Firestore Rules : Check The Existence Of A Value In Array

I want to give permission of read and write just to users whom exist in the members group but I don't know why it doesn't work ?

This is the rules in firestore :

    rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
  match /Users/{uid} {
  allow write: if request.auth != null && request.auth.uid == uid;
  allow read : if request.auth != null;
  }
    
    match /GroupChat/{document=**} {
      allow read,create,update: if request.auth != null && request.auth.uid in request.resource.data.Members;
        
    }
  }
}

This is a screen of my data base screen from DATABase

The query :

FirebaseFirestore.instance
          .collection("GroupChat")
          .where("Members",
              arrayContains: FirebaseAuth.instance.currentUser!.uid)
          .snapshots(),

when I want to display the information in my APP, I get this error :

W/Firestore(14600): (24.0.0) [Firestore]: Listen for Query(target=Query(GroupChat where Members array_contains 0FQhApDgWMVNTpOiDewF3qJX7IA3 order by name);limitType=LIMIT_TO_FIRST) failed: Status{code=PERMISSION_DENIED, description=Missing or insufficient permissions., cause=null}

Ad

Answer

As mentioned in the documentation,

The resource variable refers to the requested document, and resource.data is a map of all of the fields and values stored in the document.

However, request.resource.data contains data that is being added in document in update/write operations. You should be using resource.data because you want to check existing data.

match /GroupChat/{document=**} {
  allow read,create,update: if request.auth != null && request.auth.uid in resource.data.Members;        
}
Ad
source: stackoverflow.com
Ad