Reputation: 27
Permission denied for Firebase Realtime Database
I have firebase database rules set up like this
"Users":{
"$user_id":{
"Name":{
".read":"auth != null",
".write":"auth.uid == $user_id"
},
"Email":{
".read":"auth != null",
".write":"auth.uid == $user_id"
},
"Address":{
".read":"auth != null",
".write":"auth.uid == $user_id"
},
"Photo":{
".read":"auth != null",
".write":"auth.uid == $user_id"
},
"Number":{
".read":"auth.uid == $user_id",
".write":"auth.uid == $user_id"
}
,
"Current":{
".read":"auth != null",
".write":"auth.uid == $user_id"
}
}
}
The code that makes the request
FirebaseAuth mAuth = FirebaseAuth.getInstance();
DatabaseReference userRef = FirebaseDatabase.getInstance().getReference().child(FirebaseConstants.USERS).child(mAuth.getCurrentUser().getUid());
if(mAuth.getCurrentUser() !=null)
{
Log.i("DetailsActivity","User id "+mAuth.getCurrentUser().getUid());
}
else
{
Log.i("DetailsActivity","User not authenticated");
}
userRef.addListenerForSingleValueEvent(new ValueEventListener() {
@Override
public void onDataChange(@NonNull DataSnapshot dataSnapshot) {
if(dataSnapshot.hasChild(FirebaseConstants.NAME))
{
Name = dataSnapshot.child(FirebaseConstants.NAME).getValue().toString();
UserNameEdittext.append(Name);
}
if(dataSnapshot.hasChild(FirebaseConstants.EMAIL))
{
Email = dataSnapshot.child(FirebaseConstants.EMAIL).getValue().toString();
UserEmailEdittext.append(Email);
}
userInfoProgressbar.setVisibility(View.INVISIBLE);
}
@Override
public void onCancelled(@NonNull DatabaseError databaseError) {
userInfoProgressbar.setVisibility(View.INVISIBLE);
Log.i("DetailsActivity","error "+databaseError);
}
});
Logged Results
I/DetailsActivity: User id KfiIFOEGWQZIc5UREqX8qo4Nmkn1
I/DetailsActivity: error DatabaseError: Permission denied
When an authenticated user is making a request to the $user_id node under users node, it results in Permission Denied error. Firebase database rules works atomically, but all the read permissions are checking whether he is an authenticated user or the user is accessing his own data. When the user reads his own data and all read conditions are satisfied but still getting Permission Denied error.
But when I try to read any of these fields individually there is no errors
userRef.child(FirebaseConstants.NAME).addListenerForSingleValueEvent(new ValueEventListener() {
@Override
public void onDataChange(@NonNull DataSnapshot dataSnapshot) {
if(dataSnapshot.exists())
{
Name = dataSnapshot.getValue().toString();
Log.i("DetailsActivity","Name "+Name);
}
}
@Override
public void onCancelled(@NonNull DatabaseError databaseError) {
userInfoProgressbar.setVisibility(View.INVISIBLE);
Log.i("DetailsActivity","error "+databaseError);
}
});
I get the log as
I/DetailsActivity: Name elsonjose
Any help is appreciated. Thanks in advance.
Upvotes: 1
Views: 536
Answers (1)
Reputation: 1613
Assuming that you have a default set to:
"rules": {
".read": false,
".write": false,
You do have rules for single fields, but you are likely getting "Permission denied" when reading the whole user record because you don't have any rules set for the "$user_id" path itself. Try adding:
"Users": {
"$user_id": {
// Allow only authenticated content owners access to their data
".read": "auth != null && auth.uid == $user_id",
".write": "auth != null && auth.uid == $user_id"
}
...
Upvotes: 1
Related Questions
- Android Firebase Database Error: Permission denied
- Firebase Realtime Database: DatabaseError Permission denied
- Realtime database firebase rules - denied permission
- Why am I getting access denied on Firebase Database
- Firebase Permission denied Error
- DatabaseError: Permission denied firebase
- Cannot read data from firebase - Firebase DatabaseError: Permission denied
- Firebase permission denied while reading data
- Permission denied with Firebase
- Firebase error: Permission denied. Unable to read/write from Firebase Database