admin管理员组文章数量:1426918
Intended behavior
The goal is to rework my security rules such that only an authenticated user can read and write the data of that specific user. This is based on the users UID, which is how we identify individual users (this is done from firebase authentication, so not sure what the problem is).
The error
FirebaseError: Missing or insufficient permissions
Any suggestions on what I can do here would be very much appreciated. I haven't been able to find anything applicable in other questions asked.
Intended behavior
The goal is to rework my security rules such that only an authenticated user can read and write the data of that specific user. This is based on the users UID, which is how we identify individual users (this is done from firebase authentication, so not sure what the problem is).
The error
FirebaseError: Missing or insufficient permissions
Any suggestions on what I can do here would be very much appreciated. I haven't been able to find anything applicable in other questions asked.
Share Improve this question edited May 25, 2023 at 19:47 EASY EMDR asked Jul 6, 2020 at 21:42 EASY EMDREASY EMDR 131 silver badge4 bronze badges 1- 1 When posting about security rules, your question should also contain the code from the client that is being rejected. We need to be able to see that your rules match your query. – Doug Stevenson Commented Jul 6, 2020 at 21:47
3 Answers
Reset to default 3You need to specify that subcollection in your rules
service cloud.firestore {
match /databases/{database}/documents {
match /users/{userId} {
allow read: if request.auth.uid == userId;
match /practitionerClients/{clientId} {
allow read: if request.auth.uid == userId;
}
}
}
}
Whenever you add a new sub-collection like that you should usually have to specify it or add a wildcard rule for that path. So instead of the above rule you could do this
service cloud.firestore {
match /databases/{database}/documents {
match /users/{userId}/{document=**} {
allow read: if request.auth.uid == userId;
}
}
}
you can read more here
Your rules don't match any documents. You have to retain the match for /databases/{database}/documents that you were given in the initial set of rules, and as shown in the documentation.
service cloud.firestore {
match /databases/{database}/documents {
match /users/{userId} {
allow read: if request.auth.uid == userId;
}
}
}
For any persons who still face this issue. If you have subcollection in ff, you may try this option. please allow everyone/auth user to read the subcollection.
How to do that? go to data >> find setting symbol >> scroll down till you meet crud table >> check to allow read >> deploy rules
if you want to undo the rules, just visit firebase or supabase and delete that version of rules.
本文标签:
版权声明:本文标题:javascript - Error with Firestore security rules: FirebaseError: Missing or insufficient permissions - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1745474758a2659910.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论