GCP Firestore Security Rules optimization guide as Expected with Web App Authentication
I'm currently developing a web application using Angular 12 and Firebase as the backend, hosted on Google Cloud Platform... I've implemented Firestore as my database, and I've set up authentication with Firebase Authentication. However, I'm running into issues with my Firestore security rules not allowing authenticated users to read or write to certain collections as expected. My security rules look like this: ```plaintext service cloud.firestore { match /databases/{database}/documents { match /users/{userId} { allow read, write: if request.auth != null && request.auth.uid == userId; } match /publicData/{document=**} { allow read; } } } ``` I'm trying to ensure that authenticated users can only access their own user document, and anyone can read from the publicData collection. However, when I log in as a user and try to access their user document, I receive the following behavior: ``` FirebaseError: The current user does not have permission to perform this operation. ``` To troubleshoot, I've checked the following: 1. Verified that the user is indeed authenticated by logging the `request.auth` object in the Firestore rules. 2. Ensured that the user ID in the URL path matches the authenticated user's UID. 3. Tried setting the rules temporarily to allow all reads and writes to see if the scenario continues, which it did. I'm using Firestore SDK version 9.2.0 and the Firebase Admin SDK version 9.11.1. I also ensured that the Firebase project has Firestore enabled and that there are no other overlapping rules that could be causing issues. What could be causing this scenario? Are there specific nuances with Firestore security rules regarding user IDs that I might not be aware of? How would you solve this? This is happening in both development and production on macOS.