Firebase: Allow Read or Write access to different collections

0
votes

My project has 2 main collections: "contact" and "albums".

Here is my data structure

I am trying to assign full read access to everyone in the "albums" collection and to restrict write access to unauthenticated users. At the same time, i want to assign write access to unauthenticated users and read, update, delete to authenticated users in the "contact" collection.

The current ruleset fails in the rules simulator both for authenticated requests and unauthenticated requests. Rules are as follows:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /contact/{document=**} {
      allow create;
      allow read, update, delete: if request.auth != null;
    }
   }
    match /albums/{document=**}{
      allow read;
      allow write: if request.auth != null;
    }
}

And the firebase query returns "Uncaught Error in onSnapshot: FirebaseError: Missing or insufficient permissions."

Query below:

useEffect(() => {
const unmount = firestore
  .collection("albums")
  .orderBy("date", "asc")
  .onSnapshot((snapshot) => {
    const tempAlbums = [];
    snapshot.forEach((doc) => {
      tempAlbums.push({ ...doc.data(), id: doc.id });
    });
    setAlbums(tempAlbums);
  });
return unmount;
}, []);

Any ideas on how to correct the rules?

1
firebasegoogle-cloud-firestorefirebase-security

1 Answers

1
votes

There is a typo in your rules. It should be like this:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /contact/{document=**} {
      allow create;
      allow read, update, delete: if request.auth != null;
    }    //The /albums path must be included inside /documents
    match /albums/{document=**}{
      allow read;
      allow write: if request.auth != null;
    }
  }
}