firebase security rules child() expects a string error

0
votes

I am getting a weird error with firebase security rules. My current code is:

".read": 
  root.child('parent_to_rider').child(auth.uid).child($rider_id).exists()"

And I get the following error:

"root.child('parent_to_rider').child(auth.uid).child($rider_id).exists()"
20:57: child() expects a string argument.
    => false`

However, when I try the following code it works fine:

".read":
   root.child('parent_to_rider').child('simplelogin:18').child($rider_id).exists()"

The response is:

Attempt to read /riders/-JnSvkcZ8Xs2dEnEeZdm with auth=Success(null)
 "root.child('parent_to_rider').child('simplelogin:18').child($rider_id).exists()"
    => true
Read was allowed.

The security rule seems to only give error with .read, and the same rule works perfectly fine with the .write rule. I would appreciate any help here.

My complete rule block looks like this:

"riders" : {
  "$rider_id" :{
      //Check if mapping from rider to parent already exists
     ".read":
       "root.child('parent_to_rider').child(auth.uid).child($rider_id).exists()",
     ".write": 
       "(root.child('parent_to_rider').child(auth.uid).child($rider_id).exists())",
  }  
}
2
firebasefirebase-security

2 Answers

1
votes

I figured the problem was with me not properly authenticating the user in the firebase rule simulator. First authenticating the user 'simplelogin:18' and then simulating the above rule worked fine.

I still need to resolve why my client side code is not working with this rule set, but that is a different issue.

0
votes

I found that adding auth !== null to the front of your rule needing child(auth.uid) gets rid of the error.

So your first rule would look like this:

".read": 
  auth !== null && root.child('parent_to_rider').child(auth.uid).child($rider_id).exists()"

The variable auth is undefined when you use the simulator as "Unauthenticated" and child() is looking for a string not an undefined variable.