Firestore security rules. Allow reading a full collection (documents and subcollections)

Question

I have been trying to make all documents in a subcollection be totally readable using these security rules:

 match /books {
     allow write, update, delete: if false; // This collection cannot be modified
  
     match /sells {
         allow read: if true; // All documents and sub-collections of this collection are readable
     }
 }

But when I try to read a document of the sell subcollection I get the Firebase permissions error. What am I doing wrong?

Frank van Puffelen Frank van Puffelen · Accepted Answer · 2020-10-31T04:17:00

You need to match documents in the collection:

 match /sells/{doc} {
     allow read: if true; // All documents in sells are readable
 }

If you want to also match subcollection of the sells document, you can use a recursive wildcard like this:

 match /sells/{doc=**} {
     allow read: if true; // All documents in and sub-collections of sells are readable
 }

Firestore security rules. Allow reading a full collection (documents and subcollections)

1 Answers