Ad

Firestore Security Rules Request.auth.uid == UserId Kept Returning 'Simulated Read Denied'

I'm trying to get request.auth.uid == userId to be tested but I'm getting 'Simulated read denied'.

I checked all of the basic questions before inputting this issue -

enter image description here

Did you deploy security rules?

I deployed the rules via the fireconsole (clicking the publish button and waiting for a min).

Did you have loggedin using Firebase Authentication?

I haven't implemented this work, I'm trying to test the security rules via using simulator in console.

I tried basic rule below and it works fine.

if request.auth.uid != null;

enter image description here

Here are the screenshots of my testing -

enter image description here

Ad

Answer

When using the security rules simulator, you need to enter the exact, full path of the document to read. You can't use wildcards. Right now, you're trying to using a wildcard in the document path: "/users/{userId}" This isn't going to work. This makes the userId variable in your rules become literally the string "{userId}". What you need to do instead is paste the actual ID of the document you want to test for reading into the form. This is going to be the UID starting with "JoF".

BTW: You are not required to deploy rules in order to test them in the simulator. You can choose to deploy them only after you've tested them.

Ad
source: stackoverflow.com
Ad