bijoutrouvaille
Setting read and write requests on the same line causes errors
Setting read and write rules on the same line causes resource is undefined error on get requests since no resource is provided in the request.
firestore.ward
match /users/{user_id} is User {
allow read, list, create: if true;
allow update: if request.auth.uid == user_id
}
firestore.rules
match /users/{user_id} {
function is______PathType(data, prev) {
return is____User(data, prev!=null ? prev : null);
}
allow read, list, create: if is______PathType(request.resource.data, resource==null ? null : resource.data) && (true);
allow update: if is______PathType(request.resource.data, resource==null ? null : resource.data) && (request.auth.uid == user_id);
}
This can be fixed by putting read and write rules on separate lines:
firestore.ward
match /users/{user_id} is User {
allow read, list: if true;
allow create: if true;
allow update: if request.auth.uid == user_id
}
firestore.rules
match /users/{user_id} {
function is______PathType(data, prev) {
return is____User(data, prev!=null ? prev : null);
}
allow read, list: if true;
allow create: if is______PathType(request.resource.data, resource==null ? null : resource.data) && (true);
allow update: if is______PathType(request.resource.data, resource==null ? null : resource.data) && (request.auth.uid == user_id);
}
Thanks for reporting the issue @matthewiiv. Others have also run into the issue (#23). So far, the solution I have in mind is to throw a compile error for read and write operations on the same allow directive.
Ah interesting. I didn't realise it would also cause issues in firestore too.
I think throwing a compile error is a perfectly reasonable solution here.
Thanks for the respone