0

I have a collection called users in my firebase setup. I have the following rule setup (to allow anyone to read and write):

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
      allow read, write: if true;
  }
}

Now when I try access the data in the collection using the following:

const usersRef = db.ref("users");

usersRef.on("value", snapshot => {
    const users = snapshot.val();
    console.log(users);
    this.setState(() => ({ loading: false, users }));
}, function(error) {
    console.error('error', error);
});

I get the following permission issue:

error Error: permission_denied at /users: Client doesn't have permission to access the desired data.

How come?

Frank van Puffelen
  • 565,676
  • 79
  • 828
  • 807
strangeQuirks
  • 4,761
  • 9
  • 40
  • 67
  • The security rules you're showing apply to Cloud Firestore, while the code you're showing is accessing the Realtime Database. While both databases are part of Firebase, they're completely separate, and the security rules for one don't apply to the other. To fix the error, you will have to set the rules for the Realtime Database. For a walkthrough of how to do that, see https://stackoverflow.com/a/52129163 – Frank van Puffelen Jul 14 '20 at 02:02

1 Answers1

1

Make sure you are selecting the Realtime Database, it seems to me you are setting the rules on firestore but using the realtime database.

Your realtime database;s rules should look something like this:

{
    "rules": {    
        ".read": true,
        ".write": true
    }
}
andresmijares
  • 3,658
  • 4
  • 34
  • 40
  • Ah yes that is true! All i want is to query all the data in my databse and seems alot of the example are for real time. Will check. Thanks! – strangeQuirks Jul 13 '20 at 20:57
  • 1
    When you recommend totally open security rules, *please* always include a warning about the risk this poses. See https://firebase.google.com/docs/rules/insecure-rules#database and https://stackoverflow.com/a/51719989 – Frank van Puffelen Jul 14 '20 at 02:04