Cloud Firestore: Missing or insufficient permissions

9
votes

I am getting (on Android):

com.google.firebase.firestore.FirebaseFirestoreException: PERMISSION_DENIED: Missing or insufficient permissions

using these security rules:

service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if request.auth != null;
    }
  }
}

My app seems to be properly authenticated using FirebaseAuth, as the mFirebaseAuth.getCurrentUser().getUid() returns the proper user ID.

Is there something I am doing wrong?

3
androidfirebasefirebase-authenticationgoogle-cloud-firestore
It's happening to me too. Until yesterday everything worked find, but since today it keeps returning permission error. I checked my security rules, and nothing is wrong. The weird behavior is it works sometimes, and it doesn't work sometimes with exactly same code. Did u fix the problem? - wonsuc
This is happening occasionally on web and react-native(firebase-ios-sdk) as well. The problem should be in firestore and not on the client sdk. - sowdri

3 Answers

3
votes

Edit: just want to say that I managed to fix the issue by downgrading to 4.6.2. I have more details in this post

Pre-edit: This is happening to me ever since I upgraded react native and I cannot for the life of me figure out the problem. I've debugged it and my user is definitely authenticated at the time of the request, I checked this by running the below and I have a uid in there

firebase.auth().currentUser

So the next thing I wanted to do was check the session in the actual request to see what was happening. I added a piece of code to the entry point of my react app

XMLHttpRequest = GLOBAL.originalXMLHttpRequest ?
GLOBAL.originalXMLHttpRequest :
GLOBAL.XMLHttpRequest

and when I run this code it magically works again. This is delegating requests through the browser though so probably not a true test.

So then I started up Charles and compared the requests for my new react-native build with my old [working] react-native build. The requests look the same to me though (apart from a different sessionId) so I have no idea. The frustrating thing is the lack of debug tools through the firestore console.

My gut is to say some of the auth headers are expired/cached and that it's not firestore. Banging my head against a table at this point

1
votes

It seem it's a Firestore problem (in beta today), not in the client side.

1
votes

I asked the Firebase support team directly since this issue was kind of critical for our service and I received the email below. It seems they fixed the bug now.

Please let me know if the issue happens again.

Hi there,

We have just confirmed with our engineers that this sporadic issue with our Security Rules for Firestore was a known bug but was already fixed today. Kindly test your security rules again and let us know if you are still encountering the issue.

Regards, Kevin