Menu
I have set a custom claim using the firebase admin sdk. I have successfully use it to control access in the frontend and even with the RTDB, but I'm not able to use it with the Firestore database. Here is my security rule:
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth.token.admin == true;
}
}
}
Here is the code in my app:
const users = []
firebase.firestore().collection('users')
.get()
.then(function (querySnapshot) {
querySnapshot.forEach(function (doc) {
users.push(doc.data())
})
})
.then(() => {
commit('setUsersList', users)
commit('setLoading', false)
})
.catch(function (error) {
console.log('Error getting documents:', error)
commit('setLoading', false)
})
And here is the error I'm getting:
Error: Missing or insufficient permissions
904
I have fixed the error. My mistake was that I was setting the permission using the admin sdk but I wasn't passing a boolean but a string.
For example, I was setting the user with uid '1' like this:
axios.post('/admin/setadminprivileges/1/true')
In my firebase functions I was getting:
app.post('/admin/setadminprivileges/:id/:permission', (req, res) => {
const permission = req.params.permission // this is a string "true"
const uid = req.params.id // "1"
const payload = {admin: permission}
admin.auth().setCustomUserClaims(uid, payload)
})
And now with this is working fine:
app.post('/admin/setadminprivileges/:id/:permission', (req, res) => {
const permissionString = req.params.permission
const permission = permissionString === 'true' // this is now a boolean
const uid = req.params.id
const payload = {admin: permission}
admin.auth().setCustomUserClaims(uid, payload)
})
Thanks anyway. I knew it had to be a silly issue of my own, because Firebase is a solid product.
75
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With