问题
I know this question has been frequently asked, however the solutions proposed did not solve it for me.
I tried to set-up a basic iOS Firestore app which writes some documents inside a collection. I followed the standard procedure, added the GoogleService-Info.plist to my project and I'm calling `FirebaseApp.configure() on launch.
My Firestore rules look like this:
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth != null;
}
}
}
Now once I try to save something inside a collection Firebase returns me a Permission denied error.
If however my rules are like so:
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if true;
}
}
}
The write is accepted. Obviously the request seems to not contain any auth information, but I can't find any additional documentation about this. Did I miss something?
Thanks for any help!
回答1:
if you are using authentication in your app then you should go with the
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth.uid != null;
}
}
}
This will only works if you were added firebase authentication in your app but if you didn't added then it will return PermissionDenied
you can also use this method
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if true;
}
}
}
but this method is not secure anyone can change your whole database at once and also Firebase won't recommend you to use this.
If you are in developing mode then use this and create your database but if you are going to production, you just need to change it to either
allow read, write: if request.auth.uid != null;
or if you don't have authentication in your app.
allow read, write: if false;
Hope this will help you to understand better.
回答2:
My guess is that since you are not authenticating with the firebase authentication service the request lacks the auth information.
From firebase documentation:
Authentication One of the most common security rule patterns is controlling access based on the user's authentication state. For example, your app may want to allow only signed-in users to write data
service cloud.firestore {
match /databases/{database}/documents {
// Allow the user to access documents in the "cities" collection
// only if they are authenticated.
match /cities/{city} {
allow read, write: if request.auth.uid != null;
}
}
}
https://firebase.google.com/docs/firestore/security/rules-conditions
You could try the rule after authenticating via firebase authentication service and check if that passes the rule or not.
来源:https://stackoverflow.com/questions/52422047/ios-firebase-firestore-permission-denied