0

In my firestore DB, there is a field playerCount = 1 (int type) and isStarted = true (boolean type)

enter image description here

Below are my firestore rules:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
  
    match /props/{propId} {
        allow list,write,create: if false;
        allow read: if isLoggedIn() && propId=="7Ia********iqDO";
    }
    
    match /rooms/{roomId=**} {
        allow create: if isLoggedIn();
      allow read, list: if roomData("KjUXL49I1XVlXDGZ8jqL").playerCount==1 || resource.data.playerCount == 1 || oldData().isStarted || authData().uid in oldData().accessIds;
      allow write: if authData().uid in oldData().accessIds;
    }
  }
  
  function isLoggedIn() { return authData() != null;}
  function authData() { return request.auth }
  function oldData() { return resource.data }
    function newData() { return request.resource.data }
  function roomData(roomPath) { return get(/databases/$(database)/documents/rooms/$(roomPath)).data }

}

From Android App, I am querying the below code:

FirebaseFirestore.getInstance().collection("rooms").whereEqualTo("roomId", "023340").limit(1).get(Source.SERVER).addOnCompleteListener(new OnCompleteListener<QuerySnapshot>() {
                                        @Override
                                        public void onComplete(@NonNull Task<QuerySnapshot> task) {
                                            if(task.isSuccessful()){
                                                ArrayList a = (ArrayList)task.getResult().getDocuments().get(0).getData().get("accessIds");
                                                Log.d("sdccddsdcswc", String.valueOf(a.size()));
                                            } else {
                                                toast("Failed to read Room");
                                            }
                                        }
                                    });

Now the PROBLEM is:

I am always getting Permission Denied error.
I would like to know why "resource.data.isStarted" 
& "resource.data.playerCount" are not being read.
Nikhil Reddy
  • 63
  • 8
  • Can you have a look at my answer? – Roopa M Dec 19 '22 at 08:28
  • Yes, i forgot to respond. Actually, I pinged firebase support team at the same time when i posted this question here. And they mentioned I misplaced a simple "}" . The point is, all functions should reside inside the outermost parent "match" block, whereas i wrote my functions outside of match block. And secondly, your point is also correct that, firestore doesn't return multiple documents at once. As i was querying based on "whereEqualTo" condition from Android App, it was not working. So, I can say your answered helped me partially. – Nikhil Reddy Dec 19 '22 at 11:06

1 Answers1

0

It is discussed in the similar thread

firestore security doesn't evaluate the actual document value when we query over multiple documents .

Security rules don't filter data by themselves. They merely enforce rules on what data a client can read. Your client is currently trying to read all hospitals. Since your security rules have restrictions on what data a client can read, they reject this operation.

And In security rules, you haven’t defined $(database) in function roomData(roomPath) and newData() function left unused.

Roopa M
  • 2,171
  • 4
  • 12