I keep getting warnings from unsecure Firebase rules

Question

I keep getting this error regardless of what I do to change my rules, I even went through the documentation of firebase rules, I basically want unsigned in users (using Firebase authentication) to be able to read data from my database but only signed in users to be able to write and update, how can I achieve this?

This is what I attempted below

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
            allow read, write, update, create: if true;

    }
  }
}

The unsafe rule is that every autheticated user can read and write the entire database, i recomend you to read [this](https://stackoverflow.com/a/73188009/18648400) — Mirco0, Jan 22 '23 at 11:07
I think that this [resource](https://medium.com/firebase-tips-tricks/how-to-fix-firestore-error-permission-denied-missing-or-insufficient-permissions-777d591f404) will help. — Alex Mamo, Jan 23 '23 at 07:32

score 0 · Answer 1 · answered Jan 22 '23 at 12:21

If you want unauthenticated users to only read the database, and authenticated users to read and write in your database, you can probably use something similar:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read: if true
      allow write: if request.auth != null;
    }
  }
}

You can find more about the syntax and basics of Firestore rules here

I keep getting warnings from unsecure Firebase rules

1 Answers1