Here are our firebase rules:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents/studies/{studyId}/users {
match /{userId}/{document=**} {
allow read, write: if request.auth.uid != null && request.auth.uid == userId;
}
}
}