CODEWITHSUNDEEP
javascriptnode.jsfirebasegoogle-cloud-platform
Gianluca
Gianluca

Reputation: 980

Uncaught (in promise) FirebaseError: Missing or insufficient permissions

So I am running stripe payment method in my code and it produces the error index.cjs.js:409 Uncaught (in promise) FirebaseError: Missing or insufficient permissions.

I had allowed permission and upgraded my plan to blaze plan on firebase to allow stripe connectivity, but it still gives me the error... Anyone have any suggestions? Here is my firebase rules :

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /environments/{environment}/companies/{userId} {
      allow write, read: if request.auth.uid == userId;
      match /{anySubCollection}/{anyDocument} {
        allow write, read: if request.auth.uid == userId;  
    
      }
    match /customers/{uid} {
      allow read: if request.auth.uid == uid;

      match /checkout_sessions/{id} {
        allow read, write: if request.auth.uid == uid;
      }
      match /subscriptions/{id} {
        allow read: if request.auth.uid == uid;
      }
    }

    match /products/{id} {
      allow read: if true;
      allow write: if false;

      match /prices/{id} {
        allow read: if true;
        allow write : if false;
      }

      match /tax_rates/{id} {
        allow read: if true;
      }
    
    }
 }}}

this is the code In which I try to access the docs and write my actual code in:

 import firebase from 'firebase'
import getStripe from './stripe'

const firestore = firebase.firestore();

export async function createCheckoutSession(){
    // return firestore.collection()
    const checkoutSessionRef =  await firestore.collection('testdata').doc().collection('checkout_sessions').add(
        
        {price : price here
         success_url : window.location.origin,
         cancel_url: window.location.origin,
    }
    );

    checkoutSessionRef.onSnapshot(async (snap) => {
        const {sessionid} = snap.data();
        if (sessionid) {
             const stripe = await getStripe()
             stripe.redirectToCheckout({sessionid})
        }
    });
}

Upvotes: 1

Views: 7235

Answers (2)

Alireza Majdi
Alireza Majdi

Reputation: 1

Edit Rules of Cloud Firestore to this code then submit publish button

This is the code

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if true;
    }
  }
}

Upvotes: 0

Nicholas Tower
Nicholas Tower

Reputation: 84902

Your rules don't have any entry that match the collection named "testdata". The default behavior if there is no match is to deny access, which is why you're getting an error.

I think you may have some misplaced curly brackets in your rules. You've set it up so that everything is nested inside the rule for match /environments/{environment}/companies/{userId} {. I think you meant to close that rule before the rule for "customers".

Even fixing that though, there's still no entry for "testdata", so you'll need to add that in. For example:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /environments/{environment}/companies/{userId} {
      allow write, read: if request.auth.uid == userId;
      match /{anySubCollection}/{anyDocument} {
        allow write, read: if request.auth.uid == userId; 
      }
    }
      
    match /testdata/{uid} {
      allow read: if request.auth.uid == uid;

      match /checkout_sessions/{id} {
        allow read, write: if request.auth.uid == uid;
      }
    }

    // ..
  }
}

Alternatively, maybe what you meant to access was the "customers" collection. In that case, you don't need to change your rules (other than the closing bracket), you need to change your code:

const checkoutSessionRef =  await firestore.collection('customers').doc().collection('checkout_sessions').add(

Upvotes: 1

Related Questions