I have a DB like this:

I want logged in users to be able to read and write to this collection. I also want users who are not logged in to only read this collection..

here is my code

service cloud.firestore {
  match /databases/{database}/documents {
    // match /{document=**} {
    //   allow read, write: if request.auth != null;
    // }
    allow read, write: if request.auth != null;
    allow read: if request.auth == null;
  }
}

Ive tried other ways and I keep getting FirebaseError: Missing or insufficient permissions.

Any idea?

request to push the code...

import {
    initializeApp
} from ".1.0/firebase-app.js";
import {
    getStorage,
    ref,
    uploadBytes,
    getDownloadURL
} from ".1.0/firebase-storage.js";
import {
    getFirestore,
    addDoc,
    doc,
    collection
} from '.1.0/firebase-firestore.js'

var firebaseConfig = {
    apiKey: "",
    authDomain: "",
    projectId: "",
    storageBucket: "",
    messagingSenderId: "",
    appId: ""
};

const app = initializeApp(firebaseConfig);
const storage = getStorage(app);
const db = getFirestore(app);

            const storageRef = ref(storage, `${recipeId}`);
            await uploadBytes(storageRef, file);

            const imageURL = await getDownloadURL(storageRef);

            var recipeImageUrl = URL + recipeId + "?alt=media"

            var date = new Date();

            const createdTime = date.toLocaleString("en-US", {
                timeZone: "America/New_York"
            });
            var titleCaseName = titleCase(addRecipeName);
            // Add a new document with a generated id.
            const docRef = await addDoc(collection(db, "AddedRecipes"), {
                ...
            });

I have a DB like this:

I want logged in users to be able to read and write to this collection. I also want users who are not logged in to only read this collection..

here is my code

service cloud.firestore {
  match /databases/{database}/documents {
    // match /{document=**} {
    //   allow read, write: if request.auth != null;
    // }
    allow read, write: if request.auth != null;
    allow read: if request.auth == null;
  }
}

Ive tried other ways and I keep getting FirebaseError: Missing or insufficient permissions.

Any idea?

request to push the code...

import {
    initializeApp
} from "https://www.gstatic/firebasejs/11.1.0/firebase-app.js";
import {
    getStorage,
    ref,
    uploadBytes,
    getDownloadURL
} from "https://www.gstatic/firebasejs/11.1.0/firebase-storage.js";
import {
    getFirestore,
    addDoc,
    doc,
    collection
} from 'https://www.gstatic/firebasejs/11.1.0/firebase-firestore.js'

var firebaseConfig = {
    apiKey: "",
    authDomain: "",
    projectId: "",
    storageBucket: "",
    messagingSenderId: "",
    appId: ""
};

const app = initializeApp(firebaseConfig);
const storage = getStorage(app);
const db = getFirestore(app);

            const storageRef = ref(storage, `${recipeId}`);
            await uploadBytes(storageRef, file);

            const imageURL = await getDownloadURL(storageRef);

            var recipeImageUrl = URL + recipeId + "?alt=media"

            var date = new Date();

            const createdTime = date.toLocaleString("en-US", {
                timeZone: "America/New_York"
            });
            var titleCaseName = titleCase(addRecipeName);
            // Add a new document with a generated id.
            const docRef = await addDoc(collection(db, "AddedRecipes"), {
                ...
            });

• firebase
• google-cloud-firestore
• firebase-security

Share Improve this question Follow edited Jan 17 at 20:11 letsCode asked Jan 17 at 18:30 letsCodeletsCode 3,08211 gold badge1818 silver badges4141 bronze badges 2

• Security rules don't do anything on their own, but only become active once you execute code against them. Please edit your question to show the minimal code that causes the error message to appear. In that code, make sure to prove that it meets the requirements of your rules, i.e. check if there is a current user right before you call Firestore. – Frank van Puffelen Commented Jan 17 at 18:37
• @FrankvanPuffelen OH! I didnt see any documentation on that. I am using Javascript (moducule) call to addDoc. My basic code is as simple as it gets, get the ifo from the form and call await addDoc(collection(db, "AddedRecipes"), { ... }) .. however, for the record... i AM logged in as a user. – letsCode Commented Jan 17 at 18:43

Add a comment  | 

1 Answer 1

Sorted by: Reset to default 2

Your read and write rules are at the wrong nesting level. You need a to match specific documents in a way similar to the rules you commented out, then apply the rules under the match that matches the document. If you want to apply permissions to all documents in a specific collection, you need to match them explicitly using the name of the collection and a wildcard specifier for the document itself:

service cloud.firestore {
  match /databases/{database}/documents {
    match /AddedRecipes/{doc} {
      allow write: if request.auth != null;
      allow read: if true;
    }
  }
}

Also note above that if you want any user to read documents in a collection, your condition need only be "true".

See the documentation for more details.