Problem in rules of Firestore (collection group)

I want to get data from Firestore.
I have these structures for books in FireStore


Books --Book1.....name
             .....auteur
             .....user_id
             .....describe
	  --Book2.....name
             .....auteur
             .....user_id
             .....describe


and use this code to get it

FirebaseFirestore.instance
    .collectionGroup("Books")
    .get()
    .then(
      (res) => print("Successfully completed"),
      onError: (e) => print("Error completing: $e"),
    );


I set these rules for group collection in the rules of Firestore.

 match /{path=**}/Books/{book} {
     allow read: if request.auth != null && request.auth.uid == resource.data.user_id;
 }

And I set Firebase Authentication for this app
After compiling the app and logging in to the app
When I want to get the book I see this error


The caller does not have permission to execute the specified operation.

It looks like you are expecting that the rule will filter only documents where the user's UID equals the document's user_id field. That's not how rules work. The documentation is clear that rules are not filters. What your rule requires is that the query in your app must specify a filter on the user_id field with the value of the user's UID.

FirebaseFirestore.instance
    .collectionGroup("Books")
    .where("user_id", isEqualTo: uid)

Where uid is the user's UID.

This makes the query match the rule, so it is now only requesting documents that the rule has granted read access.