Firebase Security Rules to allow read

Question

I am learning about Firebase Database and am trying to set up security rules. To start, I am creating very permissive rules with something like this:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/users/{user_id} {
    allow read, write: if true;
  }
}

I found the Rules Playground tool in the Firebase Console and attempt to get a document:

But when I click Run, I get "Simulated read denied".

What am I missing? Why doesn't my rule allow the read? What do I need to change to allow reads and writes?

Doug Stevenson Doug Stevenson · Accepted Answer · 2020-03-31T00:52:31

Your rules are just incorrect. It look like you edited down the path too far. Your outer match should always be "/databases/{database}/documents". The whole thing should look like this if you want to allow full access to the users collection:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /users/{user_id} {
      allow read, write: if true;
    }
  }
}

Firebase Security Rules to allow read

1 Answers