Firestore security rules do not work. Help me. Document data of users/userid could not be read.
----------Security Rule------------
service cloud.firestore {
match /databases/{database}/documents {
match /users/{userId=**} {
// Missing or insufficient permissions.
allow read, write: if request.auth.uid == userId
// this is work.
//allow read, write: if request.auth != null
}
} }
--------------main.js--------------------
import Vue from 'vue'
import Quasar from 'quasar'
import firebase from 'firebase'
import 'firebase/firestore'
Vue.config.productionTip = false
Vue.use(Quasar)
let app;
firebase.initializeApp({
apiKey: "",
authDomain: "",
databaseURL: "",
projectId: "",
storageBucket: "",
messagingSenderId: ""
})
firebase.auth().onAuthStateChanged(user=> {
if (user) {
let ref = firebase.firestore().collection('users').doc(user.uid)
ref.get().then(snapshot=>{
// Error !! : Missing or insufficient permissions.
}
}
if(!app){
Quasar.start(() => {
app = new Vue({
el: '#q-app',
render: h => h(require('./App').default)
})
})
}
})
firebase ^4.8.0 vue ^2.5.0
Apparently, require.auth.uid does not seem to work properly. Where is there a mistake in me?
Solution: Rules that restrict read and write access. Build rules that make sense for your data hierarchy. One of the common solutions to this insecurity is user-based security with Firebase Authentication. Learn more about authenticating users with rules.
To set up and deploy your first set of rules, open the Rules tab in the Cloud Firestore section of the Firebase console. Write your rules in the online editor, then click Publish.
I followed the example I found here (under the User tab) and it's working great:
// Grants a user access to a node matching their user ID
service firebase.storage {
match /databases/{database}/documents {
match /users/{userId}/{documents=**} {
allow read, write: if isOwner(userId);
}
}
function isOwner(userId) {
return request.auth.uid == userId;
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With