code=PERMISSION_DENIED, description=Missing or insufficient permissions., cause=null

flutter firebase firebase-security

5,394

Solution 1

Just change your rules to as below if you want to allow anybody to upload the documents.

allow read, write;

If you want to allow only authenticated users to allow upload the files or documents to your firebase change your rules to

allow read, write: if request.auth != null;

Solution 2

change your rules to allow read,write: if request.auth !=null;

5,394

Author by

rvr93

Updated on December 14, 2022

Comments

rvr93 over 1 year
I am not able to read/write data to firestore with rules in place.

I can access my data and do operations on it with no rules set as shown below:
```
match /{document=**} {
  allow read, write: if true;
}
```
But I am getting the "permission denied" error with following rules.
```
match /{document=**} {
  allow read, write: if request.auth.uid != null;
}
```
Here is my dart code:
```
if (uid == null) {
  user = await a.currentUser();
  uid = user.uid;
}
DocumentReference docRef = firestore.collection('users').document(uid);
CollectionReference locations = docRef.collection('locations');


await locations.document().setData(<String, double>{
  'latitude': latitude,
  'longitude': longitude,
});
```
I can think of two scenarios in which this request fails:
1. request.auth.uid == null. But I have a user logged in with firebase auth before this query.
2. My security rules and query doesn't match.
Please help me debug this issue.

Edit 1:
1. I have user authenticated during my firebase query as I changed the code to enter only if the user is authenticated as below:
```
    User u = await a.onAuthStateChanged.first;

    if (u != null) {....}
```
1. I was able to read/write with authentication using firebase simulator.
Is there anyway I can print the actual request being sent to the firebase from dart using cloud_firestore package?

Edit 2
1. Firestore.instance is working with rules
2. Firebaseapp configured to my specific app using configure,options isn't working.
Any help on why this might be happening?
rvr93 over 4 years

I tried this solution.It did not solve the problem. Still I'm facing the same error - " failed: Status{code=PERMISSION_DENIED, description=Missing or insufficient permissions., cause=null}"
griffins over 4 years

check on your login
rvr93 over 4 years

I have user logged in at that point as my full error is:W/Firestore(28828): (21.1.1) [Firestore]: Listen for Query(users/{userid}/locations order by name) failed: Status{code=PERMISSION_DENIED, description=Missing or insufficient permissions., cause=null}. {userid} in that error is actual userid value.
Logemann over 4 years

there is for sure nothing wrong with using request.auth.uid != null as the author did
Logemann over 4 years

use the Firebase Rules Simulator (in the console). There you can also simulate a logged in user. This way you are sure that its not a Auth thing in your app. And btw: request.auth.uid != null is absolutely ok.
rvr93 over 4 years

I ran the firebase simulator. it is allowing me to read/write with authentication. To ensure that I have an authenticated user I changed my code to this: User u = await a.onAuthStateChanged.first; if (u != null) {....} My code enters the if block, so that means firebase user is authenticated at that point in my code.