Firestore rules: why the caller does not have permission to execute the specified operation?

Question

I have a collection with documents that have the following fields

• uid: it is the user ID of the user who created the document
• anotherId: it is another id
• andAnotherId: it is another id
• date: it is the date of creation in seconds plus 1,000,000 seconds

In flutter I have the following query

    _firestore
      .collection('subscriptions')
      .where('anotherId', isEqualTo: '1')
      .where('andAnotherId', isEqualTo: '2')
      .where('date', isGreaterThanOrEqualTo: dateInSeconds)
      .limit(1)
      .get()
      .then(....

I would like to set up a rule where only the user who created the document can read the document. I have written the following but it is not working. Does anyone know why??

    match /subscriptions/{item} {
      allow read: if request.auth != null
                  && request.auth.uid == resource.data.uid;
   }

Note that it works if I write this rule (but I would like to avoid other user can read documents created by other users)

    match /subscriptions/{item} {
      allow read: if request.auth != null;
   }

Answer 1

I have solved by changing the query as follow but still I am not getting why it did not work before

_firestore
  .collection('subscriptions')
  .where('uid', isEqualTo: uid)
  .where('anotherId', isEqualTo: '1')
  .where('andAnotherId', isEqualTo: '2')
  .where('date', isGreaterThanOrEqualTo: dateInSeconds)
  .limit(1)
  .get()
  .then(....