A user in firebase is not able to read or write its own documents in firestore

Question

I have a user that is logged in with google account, and in firebase, the user id is '123'

In firestore: data, there exists a collection, 'users', with one document, '123' with field 'name : "test"'

In firestore: rules, the rules are as following

service cloud.firestore {
  match /databases/{database}/documents {
    match /users/{userId} {
      allow read, update, write, delete: if request.auth.uid == userId;
    }
  }
}

In my component my code is:

  users: Observable<User[]>;

  ngOnInit()
  {
    this.users = this.firestore.collection<User>('users'); 
  }  

  constructor(public auth: AngularFireAuth, private firestore : AngularFirestore) {}

Html:

<ul>
   <li *ngFor='user of angObs | async>
    {{ user.name }}
   <li>
<ul>
<div *ngIf='auth.user | async as user'>
    <p>User id:</p>
    {{ user.uid }}
</div>

The hmtl reads:

User id:

123

when the rule is request.auth.uid != null; , the user sees the data.

when the rule is request.auth.uid == userId; , the user does not sees the data.

What am I doing wrong?

Answer 1

You are querying the whole user collection and therefore it is impossible to pass this test as your userId would need to match every document id.

You need to specify the patch to the document like:

this.users = this.firestore.collection('users').doc<User>(userId).get()

That would only result in a single User document not a User[]

If you try to query the whole user collection like it seems by your

  users: Observable<User[]>;

You would need to add a custom property to the user object which determines the privileges