问题
We are accessing Firestore from our Java app engine instance.
Non-transactional requests are succeeding fine, but transactions are failing with the error:
firestore: PERMISSION_DENIED: Missing or insufficient permissions
Example Transaction
final long updatedValue = 15;
Firestore db = firebaseManager.getFirestore();
CollectionReference fooCollectionRef = db.collection(SOME_COLLECTION);
DocumentReference fooDocumentRef = fooCollectionRef.document(fooId);
final ApiFuture<Long> future = db.runTransaction(transaction -> {
DocumentSnapshot snapshot = transaction.get(fooDocumentRef).get();
transaction.update(fooDocumentRef, SOME_FIELD, updatedValue);
return updatedValue;
});
return future.get();
As far as I can tell, our permissions on the dev project are completely open:
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write;
}
}
}
From what I have read, allowing writes should also allow transaction updates to work, but neither they nor sime get calls are working.
Does anyone know if I am missing a step/have incorrect permissions set up?
(I have seen other similar questions posted about Firestore permission denied errors, but in those cases the rules are more specific. Currently, this project does not even require auth to access Firestore.)
回答1:
I was running into this same issue, but I managed to fix it. Set up a service account and point your Firestore instance to that. You can create a service account key here. Here's a sample code block showing how to use the service account. SERVICE_ACCOUNT_PATH is a string that contains the path to the service account and PROJECT_ID is a string containing your project id.
private static void authenticate() throws Exception {
FirestoreOptions firestoreOptions = FirestoreOptions.newBuilder()
.setCredentials(ServiceAccountCredentials.fromStream(new FileInputStream(SERVICE_ACCOUNT_PATH)))
.setProjectId(PROJECT_ID).build();
database = firestoreOptions.getService();
}
来源:https://stackoverflow.com/questions/46890785/firestore-transactions-giving-permission-denied