Reputation: 17835
Super basic firestore security rule won't work
I can't get the literal simplest firestore security rule I can write to work in the play ground. Just for testing, I've made a Cloud Firestore database with a collection named users. It has one field stuff. In the playground, these are my rules:
service cloud.firestore {
match /databases/{database}/documents {
match /users/{user} {
allow read, write: if true;
}
match /{document=**} {
allow read, write: if false;
}
}
}
I'm simulating a get on location: /databases/(default)/documents/users, but it always fails due to the document=** match, and never matches /users/{user}. Why is this! Feels like I'm following the most basic examples from the docs.
Added a couple screenshots for clarify.
Upvotes: 2
Views: 212
Answers (1)
Reputation: 83183
In the "Rules playground", in the location field, you don't need to enter /databases/(default)/documents/. This part of the path is already taken into account, as it is shown above the editable field with the pale grey (or greyed out) /databases/(default)/documents string.
So, by just entering users/C8YDk... it will work, since your rule allows reading the doc, due to an overlapping matching statement.
More info on how to use the playground is to be found here.
Upvotes: 3
Related Questions
- Problem Setting up Security Rules in FIrestore
- Cloud Firestore security rules not working
- Firebase security rules not working - Can't figure out why
- Firestore Security Rules not working as expected
- Firebase firestore security rules not working
- problems with firestore security rules
- Why isn't this Firestore security rule being enforced?
- Firestore create security rule not behaving as expected
- Firestore security rule not working
- Firestore security rule get() not working