Firebase Security Rules completely open but still giving permission denied error

Question

I've written these Security Rules for my Firebase permissions that from what I understand should give all authenticated user permissions to read and write...

{
 "rules": {
  ".read": "auth != null",
  ".write": "auth != null"
}
}

But I still got these errors on my RTDB nodes..

[Firebase/Database][I-RDB03812] Listener at /UserVideo/null failed: permission_denied
[Firebase/Database][I-RDB03812] Listener at /users/4eb8920a-e407-4488-bce4-c6f64f7b0891 failed: permission_denied

I've validated that 4eb8920a-e407-4488-bce4-c6f64f7b0891 is in fact the users uid. And my Security Simulator told me both read and write were allowed for my ref/users and ref/UserVideo. What am I missing?

Perhaps you're not authenticated? Try true instead of "auth != null" to check. — Günter Zöchbauer
I would suggest checking, and maybe even posting, your code - specifically where you authenticate and see if it's returning an error when you are authenticating. — Jay
As a note you are trying to attach a listener to /UserVideo/null which may be a clue to the issue. — Jay

flipcode flipcode · Accepted Answer · 2017-12-24T06:30:19

Try auth.uid instead:

{
    "rules": {
        ".read": "auth.uid != null",
        ".write": "auth.uid != null"
    }
}

Firebase Security Rules completely open but still giving permission denied error

1 Answers