Get Error : Firestore: The caller does not have permission to execute the specified operation. But I have already signed in

37,882

Solution 1

This is an issue because of the rules that your DB currently has. Please check both datebases, Realtime and Firestore.

As in general, having full security rules or any other rule that is not complitely understood by RD or CF logic will get you that error everytime.

> // Full security
> 
> {   "rules": {
>     ".read": false,
>     ".write": false   } }

in Firestore you can configurate that as the following:

> service cloud.firestore {   match /databases/{database}/documents {
>     match /{document=**} {
>       allow read: if auth != null;
>       allow write: if auth != null;
>     }   } }

For more examples you can see: https://gist.github.com/codediodeio/6dbce1305b9556c2136492522e2100f6 https://firebase.google.com/docs/database/security

Solution 2

rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
  allow read, write: if false;
  }
 }
}

change to this

rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
 match /{document=**} {
  allow read, write: if request.auth != null;
  }
 }
}

Solution 3

I had the same error with my flutter application on Android Stuido and when I check the rules I saw there was a time limitation for allowing read and write operations. So I just extended the time period as below:

rules_version = '2';

service cloud.firestore {

match /databases/{database}/documents {

match /{document=**} {

  allow read, write: if

      request.time < timestamp.date(2022, 9, 29);

}

}

}

Solution 4

If you don't use authentication inside your app and only used the Firebase Firestore. So you can change it simply like this.

Change This

rules_version = '2';
service cloud.firestore {
 match /databases/{database}/documents {
 match /{document=**} {
  allow read, write: if false;
   }
  }
 }

Into This

rules_version = '2';
service cloud.firestore {
 match /databases/{database}/documents {
 match /{document=**} {
  allow read, write: if true;
   }
  }
 }

And last don't forget to publish these changes in order to save it.

If you have specified through timeStamp

If you have specified your Firestore rules through timeStamp then simply increase the length of duration of time.

rules_version = '2';
service cloud.firestore {
 match /databases/{database}/documents {
 match /{document=**} {
  allow read, write: if
    request.time < timestamp.date(2023, 3, 14);;
   }
  }
 }

Note: It is just for practicing and playing with Firestore data. If you want to build a production-level app then be sure to securely define your Firestore rules.

View more solutions

37,882

Kakata Kyun

Updated on July 09, 2022

Comments

Kakata Kyun almost 2 years

I have this problem and try to fix with all solutions I had found,but still not works. My rules in firebase cloud firestore is :

service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write : if auth != null ;
    }
  }
}

And I had already enable Sign-in Method Anonymously.

Android

android/build.gradle:

        classpath 'com.android.tools.build:gradle:3.1.3'
        classpath 'com.google.gms:google-services:4.0.1'

android/app/build.gradle:

    compile project(':react-native-firebase')
    compile project(':react-native-fbsdk')
    implementation project(':react-native-firebase')
    implementation fileTree(dir: "libs", include: ["*.jar"])
    implementation "com.android.support:appcompat-v7:${rootProject.ext.supportLibVersion}"
    implementation "com.facebook.react:react-native:+"  // From node_modules

    implementation 'com.google.firebase:firebase-core:16.0.4'
    implementation 'com.google.firebase:firebase-auth:16.0.4'
    implementation 'com.google.firebase:firebase-firestore:17.1.0'

Testing.js:

firebase.auth().signInAnonymously().then(()=>{
        firebase.app().firestore().collection('Hello').doc('hello').set({
          id:'fadsa'
        }).catch((err)=>{
          alert(err);
        })
      })

Kush about 3 years

request.auth worked, just auth did not, thank you! :)
StuckInPhDNoMore almost 3 years

Do not do this, it is not secure and will allow anyone to write to your database
KYL3R over 2 years

For me, it request.auth worked
Hasan Sh over 2 years

This works for all types of authentication methods (including anonymous auth!)