Firestore gives me error: PERMISSION_DENIED: Missing or insufficient permissions

Question

I'm trying to get data from my firestore database. I did the following:

Firestore.instance.collection('highScore').document('gGSIHVzDIjX1UCq7Pk8q').get().then((DocumentSnapshot ds) {
          print(ds);
        });

I get the following error when this line is run: PERMISSION_DENIED: Missing or insufficient permissions.

I tried modifying the firestore rules to:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, update, delete: if request.auth.uid == resource.data.uid;
      allow create: if request.auth.uid != null;
    }
  }
}

But I still get the same error. What am I doing wrong and how can I fix it?

Why do you think that this rule should allow read access to the document? It's saying that the UID of the signed in user must have a field called "uid" with the same value. Have you verified this is the case? Can you show evidence that these things are true? — Doug Stevenson
@DougStevenson Thanks for the response. I'm actually new to firebase, so I kind of just took that from StackOverflow trying out different things. I would like anyone to have access to read write and update — Jessica
Could you please explain what conditions do you want to apply for your Cloud Firestore Security Rules? — Nibrass H

Doug Stevenson Doug Stevenson · Accepted Answer · 2020-05-20T05:18:50

If your goal, as stated in comments, is to allow anyone read and write to your entire database:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write;
    }
  }
}

This is extremely insecure, and if you do this, Firebase will send you email saying as much. You should implement proper rules ASAP so the entire internet cannot do whatever they want with your data.

Firestore gives me error: PERMISSION_DENIED: Missing or insufficient permissions

1 Answers