'request.auth.uid is not working in firestore security rule

I have firestore DB like below, uid field contains, uid of the authenticated user who has added the document

enter image description here

security role:

rules_version = '2';
service cloud.firestore {
 match /databases/{database}/documents {
    match /crush/{doc} {
      allow read: if request.auth != null && request.auth.uid == resource.data.uid;
      allow write : if request.auth != null;
      }
    }
}

mocking read rule works enter image description here

however, in the actual flutter App, only DB write is working, read fails with below error

/Firestore( 6538): (24.0.1) [Firestore]: Listen for Query(target=Query(crush order by name);limitType=LIMIT_TO_FIRST) failed: Status{code=PERMISSION_DENIED, description=Missing or insufficient permissions., cause=null}

which makes me believe request.auth.uid is blank for incoming read

the program looks something like below

# landing.dart
# Authentication class is helper for FirebaseAuth.instance 
import 'home.dart';

class Landing extends StatefulWidget {
  const Landing({Key? key}) : super(key: key);

  @override
  State<Landing> createState() => _LandingState();
}

class _LandingState extends State<Landing> {
  dynamic authStream = Authentication().authState;
  @override
  Widget build(BuildContext context) {
    return StreamBuilder(
        stream: authStream,
        builder: (BuildContext context, AsyncSnapshot<AppUser?> snapshot) {
          if (snapshot.data != null) {
            return Home(snapshot.data);
          }
          else {
            return SignIn(); //via google
          }
        });
  }
}

# home.dart
# Database class is helper for FirebaseFirestore.instance
import 'package:flutter/material.dart';
import 'package:password_safe/models/crush.dart';
import 'package:password_safe/models/user.dart';
import 'package:password_safe/services/authentication.dart';
import 'package:password_safe/services/database.dart';

class Home extends StatefulWidget {
  AppUser? user;

  Home(this.user, {Key? key}) : super(key: key);

  @override
  _HomeState createState() => _HomeState();
}

class _HomeState extends State<Home> {
  dynamic streamCrush = Database().getCrushSnapshot;
  @override
  Widget build(BuildContext context) {
    return Scaffold(
      floatingActionButton: FloatingActionButton(
        onPressed: () {
          provideInput(context, widget.user);
        },
        child: Icon(Icons.add),
      ),
      body: StreamBuilder(
        stream: streamCrush,
        builder: (BuildContext context, AsyncSnapshot<List<Crush>> snapshot) {
          if (snapshot.hasError) {
            return Center(child: Text('Error Ocurred'));
          }
          if (snapshot.connectionState == ConnectionState.waiting) {
            return CircularProgressIndicator();
          }
          return myList(snapshot.data!);
        },
      ),
    );
  }
}

\\ database.dart
import 'dart:developer' as developer;

import 'package:cloud_firestore/cloud_firestore.dart';
import 'package:password_safe/models/crush.dart';

class Database {
  late FirebaseFirestore _db;
  late CollectionReference crushCollection;
  final String _logName = "Database";
  static final Database _instance = Database._internal();

  Database._internal() {
    try {
      _db = FirebaseFirestore.instance;
      crushCollection = _db.collection('crush');
    } catch (e) {
      // do something
    }
  }

  factory Database() {
    return _instance;
  }

  Future<void> addCrush(Crush crush) async {
    await crushCollection
        .add(crush.toMap())
        .then(
          (value) => developer.log('adding crush to backend', name: _logName),
        )
        .catchError(
          (error) => developer.log('Error while adding crush',
              name: _logName, error: error),
        );
  }

  Stream<List<Crush>> get getCrushSnapshot {
    return crushCollection
        .snapshots()
        .map((event) => _crushListFromSnapshot(event));
  }

  List<Crush> _crushListFromSnapshot(QuerySnapshot snapshot) {
    return snapshot.docs.map((e) {
      Map<String, dynamic> data = e.data() as Map<String, dynamic>;
      data.addAll({'id': e.id});
      return Crush.fromMap(data);
    }).toList();
  }

  Future<void> deleteCrush(Crush crush) {
    return crushCollection
        .doc(crush.id)
        .delete()
        .then((value) =>
            developer.log('deleting crush from backend', name: _logName))
        .onError((error, stackTrace) => developer.log(
            'error occured while deleting data from crush',
            name: _logName,
            error: error,
            stackTrace: stackTrace));
  }
}

pubspec.yaml

dependencies:
  cloud_firestore:
  google_sign_in: '^4.5.1'
  firebase_auth:
  firebase_core:
  flutter:
    sdk: flutter
firebasefluttergoogle-cloud-firestorefirebase-security


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

ADB exited with exit code 1

ADB exited with exit code 1

Flutter: wasm streaming compile failed: TypeError: Could not download wasm module

How to add integer as default/initial value for TextFormField in flutter?

How to highlight correct word on searchDelegate?

Xcode build is missing expected TARGET_BUILD_DIR build setting

Generic callback with generic class as parameter in Dart

How to not dispose of previous widget when navigating to a new widget in Flutter?

Unhandled Exception: type 'Null' is not a subtype of type 'Map<String, dynamic>' in type cast

FirebaseMessagingService Illegal Access

Firebase push notifications stops working after some time for all users in my Flutter app. Is this correct flutter fcm implementation?

How to draw a horizontal line in flutter row widgets?

Flutter testing error: NotInitializedError which involves environment variables (.env)

How to make a widget take as much width as the screen in Flutter?

ERROR: Runner.xcworkspace does not exist. error implementing google maps