FirebaseError: [code=permission-denied]: Missing or insufficient permissions
Solution 1
add this to your Database Rules tab :
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write;
}
}
}
Solution 2
Try changing the rule to:
match /itinerary/{userId}/itineraryList/{doc} {
allow read, write: if true;
}
Be aware, the if condition of 'true' is just for testing, as it allows everyone permission to that resource. I only suggest it here for to test the rule works.
Adding /{doc}
to the match - allows the rule to be applied to the documents you are protecting.
Solution 3
I solved this by changing the rules of the database to the reading allowed for anyone, but leaving the methods of creating, changing, deleting and updating only for connected users. The commented part is for a later implementation where you have already defined administrator rules for each user logged in, so you can pass there that only users who are administrators can change.
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read: if true;
allow create, update, delete, write: if request.auth != null;
//allow create, update, delete, write: if request.auth != null && request.auth.uid == userIdAdmin;
}
}
}
Quan Hodges
Updated on May 09, 2021Comments
-
Quan Hodges about 3 years
I have a simple collection reference in a service
firebase.auth().onAuthStateChanged(user => { if (user) { this.itineraryCollection = firebase .firestore() .collection(`itinerary/${user.uid}/itineraryList`); } });
I'm calling this service OnInit
ngOnInit() { this.loggedInUser = firebase.auth().currentUser; this.dataSvc.getItineraries() .get() .then( itineraryListSnapshot => { this.itineraries = []; itineraryListSnapshot.forEach(snap => { this.itineraries.push({ id: snap.id, activities: snap.data().activities, destination: snap.data().destination, startDate: snap.data().startDate, endDate: snap.data().endDate, tripDetails: snap.data().tripDetails, userId: snap.data().userId }); }); }); // this.itineraries = this.dataSvc.getUserItinerary(); console.log('logged in user add itin page', this.itineraries); }
But I keep getting the following error on page initialization:
vendor.js:49548 ERROR Error: Uncaught (in promise): FirebaseError: [code=permission-denied]: Missing or insufficient permissions. FirebaseError: Missing or insufficient permissions. at new FirestoreError (vendor.js:76086) at JsonProtoSerializer.push../node_modules/@firebase/firestore/dist/index.cjs.js.JsonProtoSerializer.fromRpcStatus (vendor.js:81385) at JsonProtoSerializer.push../node_modules/@firebase/firestore/dist/index.cjs.js.JsonProtoSerializer.fromWatchChange (vendor.js:81882) at PersistentListenStream.push../node_modules/@firebase/firestore/dist/index.cjs.js.PersistentListenStream.onMessage (vendor.js:90087) at vendor.js:90016 at vendor.js:90056 at vendor.js:83144 at ZoneDelegate.push../node_modules/zone.js/dist/zone.js.ZoneDelegate.invoke (polyfills.js:2749) at Object.onInvoke (vendor.js:51123) at ZoneDelegate.push../node_modules/zone.js/dist/zone.js.ZoneDelegate.invoke (polyfills.js:2748) at resolvePromise (polyfills.js:3189) at resolvePromise (polyfills.js:3146) at polyfills.js:3250 at ZoneDelegate.push../node_modules/zone.js/dist/zone.js.ZoneDelegate.invokeTask (polyfills.js:2781) at Object.onInvokeTask (vendor.js:51114) at ZoneDelegate.push../node_modules/zone.js/dist/zone.js.ZoneDelegate.invokeTask (polyfills.js:2780) at Zone.push../node_modules/zone.js/dist/zone.js.Zone.runTask (polyfills.js:2553) at drainMicroTaskQueue (polyfills.js:2959) at push../node_modules/zone.js/dist/zone.js.ZoneTask.invokeTask (polyfills.js:2860) at ZoneTask.invoke (polyfills.js:2845)
I'm not sure what my database rules in firebase should be but I've tried a bunch of different rules:
match /itinerary/{userId} { allow read; allow write; } match /itinerary/{userId}/itineraryList { allow read; allow write; }
any help would be greatly appreciated
-
dwoodwardgb over 4 yearsThis should only be used for testing, as it would allow for any client to write.