Firestore Rule Failing While Using Get() on Newly Created Documents

Using get() in Firestore rules on a newly created document causes the return value to be false. If you wait a few seconds and hit a security rule that calls get() on that same new document, get() will then return the expected value. Am I missing something in my rules and/or code, or is this a bug with Firestore?

service cloud.firestore {
  match /databases/{database}/documents {

    match /budgets/{budgetId} {

      allow read: if resource.data.userId == request.auth.uid;
      allow create: if request.auth.uid == request.resource.data.userId;

      match /accounts/{accountId} {
        allow read, create, update: if userOwnsBudget();  // <--- failing for newly created budget documents
      }

      function userOwnsBudget() {
        return get(/databases/$(database)/documents/budgets/$(budgetId)).data.userId == request.auth.uid;
      }
    }
  }
}
const data: Budget = {
    userId: userId,
    budgetName: budgetName,
    currencyType: currencyType
};

try {
    const newBudget = await this.afs.collection<Budget>('budgets').add(data);

    const accountsCollection: AngularFirestoreCollection<BudgetAccount> = this.afs.collection<BudgetAccount>('budgets/' + newBudget.id + '/accounts');

    //Insufficient permission, but occasionally succeeds 
    accountsCollection.valueChanges().subscribe(accounts => {
        console.log(accounts);
    });

    setTimeout(() => {
        accountsCollection.valueChanges().subscribe(accounts => {
            console.log(accounts)
        });
    }, someArbitaryTime) // Typically waiting 5 seconds is enough, but occasionally that will still fail 

} catch(error) {
    console.error(error);
}

Answers:

Answer

EDIT: This bug has been resolved.

This is unfortunately a known issue at the moment. We're working on a fix and will update here once it's resolved. Thanks and sorry!

Tags

Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us

©2020 All rights reserved.