Firestore Security Rule null value error for create

Question

I have the following security rule:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    function no_write(field) {
      return (!(field in request.resource.data) && !(field in resource.data)) 
      || (field in request.resource.data && field in resource.data && resource.data[field] == request.resource.data[field]);
    }

    function create_by_owner(field) {
      return (!(field in request.resource.data) && !(field in resource.data)) || ((field in request.resource.data) && !(field in resource.data))
      || (field in request.resource.data && field in resource.data && resource.data[field] == request.resource.data[field]);
    }

    match /ll_profile/{user_id} { 
      allow read: if true;
      allow write: if request.auth != null && user_id == request.auth.uid
      && no_write("last_changed") && create_by_owner("native_language");      
    }    
  }
}

The no_write function restricts a field to be modified. And create_by_owner only allows a field to be created, if the field already exists, no modification could be made. But when I run this unit test:

    it("succeed to write to my own document authenticated displayed_name field", async () => {
        const db = get_firestore(my_auth);
        const testDoc = db.collection(collection).doc(my_id);
        await firebase.assertSucceeds(testDoc.set({displayed_name: "123"}, {merge: true}));
    })

It gives me an error of Null value error. for 'create' @ L30 Null value error. for 'create' @ L30 I am not restricting the write access of the field displayed_name . What part of my rule is restricting this write access?

Answer 1

You get an null value error because resource does not exist on create ,

If you need to use resource.data in your rules you will have to split your write in create and update