diff --git a/firestore.rules b/firestore.rules
index 8bbc6bb7..15b60d0f 100644
--- a/firestore.rules
+++ b/firestore.rules
@@ -177,12 +177,12 @@ service cloud.firestore {
           allow delete: if request.auth.uid == resource.data.creatorId;
 
           match /groupContracts/{contractId} {
-              allow write: if isGroupMember() || if request.auth.uid == resource.data.creatorId;
+              allow write: if isGroupMember() || request.auth.uid == get(/databases/$(database)/documents/groups/$(groupId)).data.creatorId
             }
 
           match /groupMembers/{memberId}{
-             allow create: if request.auth.uid == resource.data.creatorId || (if request.auth.uid == request.resource.data.userId && get(/databases/$(database)/documents/groups/$(groupId)).data.anyoneCanJoin);
-              allow delete: if request.auth.uid == resource.data.userId;
+             allow create: if request.auth.uid == get(/databases/$(database)/documents/groups/$(groupId)).data.creatorId || (request.auth.uid == request.resource.data.userId && get(/databases/$(database)/documents/groups/$(groupId)).data.anyoneCanJoin);
+             allow delete: if request.auth.uid == resource.data.userId;
             }
 
           function isGroupMember() {