DEV Community

Discussion on: 2.2 A beginner's guide Firebase V9 - Coding a simple webapp

invernomutogit profile image
Alessandro Piconi

Great post.
adding "&& ==;" to the database rules give me a console error like "Uncaught (in promise) FirebaseError: Missing or insufficient permissions".
deleting it all go fine.

mjoycemilburn profile image
MartinJ Author • Edited on

You're right - there 's a problem with my rules. I'm not sure how this slipped through but rules for "create" need to be a bit different to those for read, update and delete. I should have declared them as

service cloud.firestore {
  match /databases/{database}/documents {

    match /userShoppingLists/{document} {
        allow read, delete, update : if request.auth != null && ==;
        allow create : if request.auth != null && ==;
Enter fullscreen mode Exit fullscreen mode

The "create" rule needs to recognise that this is a "pending" request as the data isn't actually in a document yet and can't be located at

The "users should only see documents stamped by their user-id (userEmail)" stuff isn't really relevant to the main purpose of the post so I've edited this subtlety out