Firebase Realtime IOS can't read data permission denied - swift

This is the error in the console
Unable to get latest value for query FQuerySpec (path: /Oeuvres/13, params: {
}), client offline with no active listeners and no matching disk cache entries
[Firebase/Database][I-RDB082010] Got data message: {
b = {
d = "Permission denied";
s = "permission_denied";
};
r = 3; }
When I run my code
var ref: DatabaseReference!
ref = Database.database().reference()
ref.child("Oeuvres").child(id).getData(completion: { error, snapshot in
guard error == nil else {
print("\(error!.localizedDescription)")
return;
}
print(snapshot.value)
});
Here's my rules on firebase realtime database
{
"rules": {
".read": true,
".write": "auth !== null"
}
}
Anyone can help me please ?

Related

"Cannot read property 'uid' of undefined" error - Plaid link token

I'm getting a "Cannot read property 'uid' of undefined" when trying to create a plaid token....I have spent like 3 days trying to make it work.
does anybody knows how to fix it?
Cloud function to get Plaid token
//PLAID - create link Token plaid Nat
const plaid = require("plaid");
exports.createPlaidLinkToken = functions.https.onCall(async (data, context) => {
const customerId = context.auth.uid;
const plaidClient = new plaid.Client({
clientID: functions.config().plaid.client_id,
secret: functions.config().plaid.secret,
env: plaid.environments.development,
options: {
version: "2019-05-29",
},
});
return plaidClient.createLinkToken({
user: {
client_user_id: customerId,
},
client_name: "Reny",
products: ["auth"],
country_codes: ["US"],
language: "en",
})
.then((apiResponse) => {
const linkToken = apiResponse.link_token;
return linkToken;
})
.catch((err) => {
console.log(err);
throw new functions.https.HttpsError(
"internal",
" Unable to create plaid link token: " + err
);
});
});
swift function
class func createLinkToken(completion: #escaping (String?) -> ()){
//this is the firebase function
Functions.functions().httpsCallable("createPlaidLinkToken").call { (result, error) in
if let error = error {
debugPrint(error.localizedDescription)
return completion(nil)
}
guard let linkToken = result?.data as? String else {
return completion(nil)
}
completion(linkToken)
}
}
The only .uid in your code is in this line:
const customerId = context.auth.uid;
So it seems like context.auth is undefined. In the Cloud Functions code you can handle this with:
exports.createPlaidLinkToken = functions.https.onCall(async (data, context) => {
// Checking that the user is authenticated.
if (!context.auth) {
// Throwing an HttpsError so that the client gets the error details.
throw new functions.https.HttpsError('failed-precondition', 'The function must be called ' +
'while authenticated.');
}
const customerId = context.auth.uid;
...
The new code here comes from the Firebase documentation on handling errors in callable Cloud Functions.
You'll also want to check if the user is signed in in your Swift code.

Firebase Authentication creates user but does not add their Info to database

I am new to using firebase and ios development in general. I am having an issue with adding user's info to the firestore database even though they are being added as authenticated users. Any Suggestions?
Auth.auth().createUser(withEmail: email, password: password) { (result, err) in
if err != nil {
self.errorLabel.text = "Error Creating User"
self.errorLabel.alpha = 1
} else {
let db = Firestore.firestore()
db.collection("users").addDocument(data: ["firstname":firstname, "lastname":lastname, "uid":result!.user.uid]) { (error) in
if error != nil {
self.errorLabel.text = "error saving user data"
self.errorLabel.alpha = 1
}
}
self.transitionScreens()
}
}
}
}
Change your code to the following:
// Add a new document with a generated ID
var ref: DocumentReference? = nil
ref = db.collection("users").addDocument(data: [
"firstname": firstname,
"lastname": lastname,
"uid": result!.user.uid
]) { err in
if let err = err {
print("Error adding document: \(err)")
} else {
print("Document added with ID: \(ref!.documentID)")
}
}
Using this print statement print("Error adding document: \(err)") you can know exactly what the error is.
Also change your security rules to the following:
// Allow read/write access to all users under any conditions
// Warning: **NEVER** use this rule set in production; it allows
// anyone to overwrite your entire database.
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if true;
}
}
}
Check out the following different rules you can give access to users depending on the data
service cloud.firestore {
match /databases/{database}/documents {
//allows all users to read and write, but dangerous as any one can flood your database
match /public_collection/{document=**} {
allow read, write: if true;
}
//only read access
match /public_read_collection/{document=**} {
allow read: if true;
allow write: if false;
}
//prefered for storing users personal info, users can access only their data
match /users/{userId} {
allow read, write: if request.auth.uid == userId;
}
//any authenticated user can access or write data
match /posts/{documentId} {
allow read, write: if request.auth.uid != null;
}
}
}

Issue Connecting to MongoDB collections

I am using axios and express.js API to connect to my mongo DB. I have a .get() request that works for one collection and doesn't work for any other collection. This currently will connect to the database and can access one of the collections called users. I have another collection setup under the same database called tasks, I have both users and tasks setup the same way and being used the same way in the code. The users can connect to the DB (get, post) and the tasks fails to connect to the collection when calling the get or the post functions. When viewing the .get() API request in the browser it just hangs and never returns anything or finishes the request.
any help would be greatly appreciated!
The project is on GitHub under SCRUM-150.
API connection
MONGO_URI=mongodb://localhost:27017/mydb
Working
methods: {
//load all users from DB, we call this often to make sure the data is up to date
load() {
http
.get("users")
.then(response => {
this.users = response.data.users;
})
.catch(e => {
this.errors.push(e);
});
},
//opens delete dialog
setupDelete(user) {
this.userToDelete = user;
this.deleteDialog = true;
},
//opens edit dialog
setupEdit(user) {
Object.keys(user).forEach(key => {
this.userToEdit[key] = user[key];
});
this.editName = user.name;
this.editDialog = true;
},
//build the alert info for us
//Will emit an alert, followed by a boolean for success, the type of call made, and the name of the
//resource we are working on
alert(success, callName, resource) {
console.log('Page Alerting')
this.$emit('alert', success, callName, resource)
this.load()
}
},
//get those users
mounted() {
this.load();
}
};
Broken
methods: {
//load all tasks from DB, we call this often to make sure the data is up to date
load() {
http
.get("tasks")
.then(response => {
this.tasks = response.data.tasks
})
.catch(e => {
this.errors.push(e);
});
},
//opens delete dialog
setupDelete(tasks) {
this.taskToDelete = tasks;
this.deleteDialog = true;
},
//opens edit dialog
setupEdit(tasks) {
Object.keys(tasks).forEach(key => {
this.taskToEdit[key] = tasks[key];
});
this.editName = tasks.name;
this.editDialog = true;
},
//build the alert info for us
//Will emit an alert, followed by a boolean for success, the type of call made, and the name of the
//resource we are working on
alert(success, callName, resource) {
console.log('Page Alerting')
this.$emit('alert', success, callName, resource)
this.load()
}
},
//get those tasks
mounted() {
this.load();
}
};
Are you setting any access controls in the code?
Also refer to mongoDB's documentation here:
https://docs.mongodb.com/manual/core/collection-level-access-control/
Here is my solution:
In your app.js, have this:
let mongoose = require('mongoose');
mongoose.connect('Your/Database/Url', {
keepAlive : true,
reconnectTries: 2,
useMongoClient: true
});
In your route have this:
let mongoose = require('mongoose');
let db = mongoose.connection;
fetchAndSendDatabase('yourCollectionName', db);
function fetchAndSendDatabase(dbName, db) {
db.collection(dbName).find({}).toArray(function(err, result) {
if( err ) {
console.log("couldn't get database items. " + err);
}
else {
console.log('Database received successfully');
}
});
}

Firebase Geofire permission denied

I'm using Firebase Geofire to get user locations to store them in my database. I get an error when I try to run a query:
Listener at /RDio5CZF2fcJTUOcaeNJhuvYP2Q2 failed: permission_denied
2017-09-19 22:34:24.809 HeartQuest[26419] <Warning> [Firebase/Database][I-RDB038012] Listener at /RDio5CZF2fcJTUOcaeNJhuvYP2Q2 failed: permission_denied
An error occurred getting the location for "firebase-hq": Optional("Permission Denied")
The errors occur after running the following query:
let userID = User.current?.key
let geofireRef = Database.database().reference()
let geoFire = GeoFire(firebaseRef: geofireRef)
geoFire?.getLocationForKey(userID!, withCallback: { (location, error) in
if (error != nil) {
print("An error occurred getting the location for \"firebase-hq\": \(error?.localizedDescription)")
} else if (location != nil) {
print("Location for \"firebase-hq\" is [\(location?.coordinate.latitude), \(location?.coordinate.longitude)]")
} else {
print("GeoFire does not contain a location for \"firebase-hq\"")
}
})
}
Can anyone please explain what the location key is and why I might not have permission for it? I'm using CLLocationManager to request the user's permission for their phone's location.
EDIT: Firebase rules
{
"rules": {
".validate": "auth != null",
".write": "auth != null",
"users" : {
".read": "auth != null",
".indexOn" : ["email","username"],
"$userId": {
".write": "data.val() == null || (newData.val() == null && $userId === auth.uid)"
}
}
}
}

How to debug a Firebase authentication rule?

Within Firebase, I've implemented a rule to restrict access to a node to the user that's currently logged on. The node looks like this:
{
"app": {
"my_team": {
"a_really_long_uid_string": {
"Lionel_Messi" = true,
"Christiano_Ronaldo" = true
}
}
}
}
and I've created the following rule (based on the online Firebase documentation), which should mean a logged in user can see only their own data (i.e. no other user's data).
{
"rules": {
"my_team": {
"$uid": {
".read": "auth != null && auth.uid == $uid",
".write": "auth != null && auth.uid == $uid"
}
}
}
}
My client environment is in Swift and I've made a simple test routine,
func testAuthentication() {
print("test: \(uid)")
FirebaseRef.child("my_team").observe(.value, with: { (snapshot) in
let snapshot = snapshot.value as! [String: AnyObject]
print("test2: \(snapshot)")
}) { (error) in
print(error.localizedDescription)
}
}
When I run the code, I get the first print in the console ("test: a_really_long_uid_string") but don't get the second print statement.
If I change the rule to restrict access to any logged in users, I get both print statements in the XCode console.
{
"rules": {
"my_team": {
"$uid": {
".read": "auth != null",
".write": "auth != null"
}
}
}
}
Does anyone know what's up or how I can troubleshoot this? I'm wondering if either auth.uid or $uid are nil or something on the server, which could be a reason for access being denied.