I want the capacity for a user to read and delete records on Firebase created by someone they invited to create records.
Created records have a field ‘resource.data.ownerUid’, with ownerId being the uid for the user that invited others to create records.
If I try something like:
allow read, delete: if request.auth.uid == resource.data.ownerUid;
But I get permission refused at the ‘get’ step of:
firestore.collection('screeningResponses') .where('screeningId', '==', screeningId) .get()
FirebaseError: Missing or insufficient permissions.
At that point I was planning on iterating through the QuerySnapshot and deleting the records, but can’t get that far. Any suggestions?