Firestore: FirebaseError: Missing or insufficient permissions

Question

I have the following rule:

rules_version = '2';
service cloud.firestore {

    match /documents/{any} {
        allow read, write: if request.auth.uid != null
    }

    match /users/{any} {
        allow read, write: if request.auth.uid != null
    }
}

So basically, I want users that are authenticated to be able to read/write to the users and documents collections. But I try to write when I create a user and signin:

                const registerRes = await firebase
                    .auth()
                    .createUserWithEmailAndPassword(email, password);
                await registerRes.user.updateProfile({
                    displayName: fullName
                });
                registerRes.user.sendEmailVerification();
                await firebase.firestore().collection('users').doc(registerRes?.user?.uid).set({...someStuff});

But I get an error:

FirebaseError: Missing or insufficient permissions.

Not sure what I'm doing wrong. Any help would be greatly appreciated - thanks!

score 1 · Accepted Answer · answered May 25 '21 at 12:47

As explained in the doc, you need to include your path specific rules in a match /databases/{database}/documents block like:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    match /documents/{any} {
        allow read, write: if request.auth.uid != null
    }

    match /users/{any} {
        allow read, write: if request.auth.uid != null
    }


  }
}

Side note: Be aware that rules that are only based on request.auth.uid != null are not really securing your DB, see this SO answer.

Firestore: FirebaseError: Missing or insufficient permissions

1 Answers1

Linked