Can someone please help me I am a complete noob to FireStore and FireBase and am trying to do something simple and FireBase is saying I do not have permission to do it? I am using Flutter. I have the following rules set up in FireBase rules console. I only have one project and one firestore database.
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow write: if request.auth != null;
allow read: if true;
}
}
}
I have a collection of users setup which has a uid as the collection parameter and running the following code after signing into flutter anonymously which does not throw an error. UserID is set to a valid value.
void createUser(String userID, String userName, String password) async {
final CollectionReference _users =
FirebaseFirestore.instance.collection("Users");
final data = {"Created": DateTime.now(), "LastLoggedIn": DateTime.now()};
_users.doc(userID).set(data, SetOptions(merge: true));
}
I am getting the following error message
10.3.0 - [FirebaseFirestore][I-FST000001] Write at Users/QUIEvBpJeAgprgEan0S736aKjdk2 failed: Missing or insufficient permissions.
I am using anonymous log ons
even when I use the following rules which is supposed to allow all reading and writing of the data I get the same error:
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if true;
}
}
}
I allowed several minutes to go by between when I set the permissions and before testing. Thanks.
Have you tried the default rule with timestamp :
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if
request.time < timestamp.date(2023, 11, 25);
}
}
}
Related
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if true;
}
}
}
These are my firestore rules. As you can see, I am allowing read/write access to everyone. However, when I run the app, I get an error "[cloud_firestore/permission-denied] The caller does not have permission to execute the specified operation."
I don't understand. Which part should I check?
Change Your rules like this
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth != null;
}
}
}
I solved the problem. The cause was the problem of going back and forth between the local emulator and the actual firestore.
After logging in from the Firebase emulator, I didn't log out. And because I tried to connect to the actual Firebase, an error occurred.
if (FirebaseAuth.instance.currentUser != null) {
await FirebaseAuth.instance.signOut();
}
I tried logging out with this code and it worked.
I Have Created firebase and flutter app and google is sending me emails saying firebase rules are not good. How do I make those rules better? I want to give permission to login users to read and my account to read and write permission.
I hope that will help you.
service cloud.firestore {
match /databases/{database}/documents {
// Make sure the uid of the requesting user matches name of the user
// document. The wildcard expression {userId} makes the userId variable
// available in rules.
match /users/{userId} {
allow read, update, delete: if request.auth != null && request.auth.uid == userId;
allow create: if request.auth != null;
}
}
}
This is a correct way you can secure database.
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
// Line below secure whole database so users are not alowed to create any new collections etc.
match /{document=**} {
allow read, write: if false;
}
match /app/{dataId} {
allow read: if true;
allow write: if isAdmin();
}
match /posts/{dataId} {
allow read: if resource.data.isPublic == true || isAdmin();
allow write: if isAdmin();
}
}
}
function isAdmin() {
return request.auth.token.admin == true;
}
Users don't have any .admin variables. You have to assign them using firebase functions. Read about custom claims.
I tried many different rules. But I am getting permission error.
But if I add this rule it works
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if true;
}
}
}
I noticed this. I'm having a problem with the collectionGroup function.
// permission error
this.fs.collectionGroup('screts', ref => ref.where("uid", "==", uid));
// no any error. I getting data
this.fs.doc('channels/zs2wJE3uBR62tqslJJe9').collection('screts').doc('scret_fields')
I'm receiving this error when I try to read one of my Firestore collections:
[ERROR:flutter/lib/ui/ui_dart_state.cc(177)] Unhandled Exception: [cloud_firestore/permission-denied] The caller does not have permission to execute the specified operation.
This is my Firestore Inicialization:
void main() async {
WidgetsFlutterBinding.ensureInitialized();
await Firebase.initializeApp();
runApp(MyApp());
}
And this is my try to access my collections:
Future initFirestore() async {
var firestore = FirebaseFirestore.instance;
//firestore.settings(timestampsInSnapshotsEnabled: true);
QuerySnapshot resultado = await firestore.collection("users").get();
print(resultado);
}
(I see some people talking about something that fix this, but Stackoverflow don't let me ask how to get in the document that those people were)
Please send help. You, stackoverflow, is the last hope
Allowing your users to read and write to your DB can be manipulated by updating the rules to your Cloud Firestore. (Found in console.firebase.google.com => Cloud Firestore => Rules)
If you would like to have all access (Nice to use while testing, but probably should be updated when you go live)
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: true;
}
}
}
If you want only auth'd users to access your DB you can add the following
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth.uid != null;
}
}
}
Here are the docs for the rules that you can brush up on to finetune your rules.
In Firestore I wan't to allow a read, if the targeted document does not exists. I have tried the following:
service cloud.firestore {
match /databases/{database}/documents {
match /reports/{report} {
allow read: if !exists(/databases/$(database)/documents/reports/{report});
}
}
}
It does not work, the respons is: Missing or insufficient permissions..
In case you're doing this server-side, you might instead query the document's existence using the admin SDK (firestore rules are only applied to the client SDK):
const snapshot = await adminFirestore.doc('reports/non-existent-item').get();
if (!snapshot.exists) {
// handle gracefully
}
This seems to be working.
allow get: if resource == null;