Permission denied issue with new Firebase.

[James Laurenstin]

Hi, 

I'm having problem setting up our iOS project (which is used in stores) with the new Firebase.

I've added and setup GoogleService-Info.plist file

Called FIRApp.configure() in the  func application(application: UIApplication, didFinishLaunchingWithOptions launchOptions: [NSObject : AnyObject]?) -> Bool {}

But unfortunately, I'm getting a Permission denied error when I'm trying to check a database value.

Any ideas of that I'm doing wrong?

Firebase structure:

// mfind-dev 

    ---> stores

    ---> sessions

    ---> employees

self.serverRef.child("stores").observeEventType(.Value, withBlock: { snapshot in

                //  value successfully checked

            }, withCancelBlock: { error in

                // error, permission denied.

        })

[Frank van Puffelen]

Hey James,

Most likely this is because the Database of projects created in the new Firebase Console are readable/writeable only by users that are signed in using Firebase Authentication. Since you're not signing the user in from your code, the database denies you access to the data.

The simplest workaround for the moment is to go into the Database panel in the console for you project, select the Rules tab and replace the contents with these rules:

{
  "rules": {
    ".read": true,
    ".write": true
  }
}

This makes your new database readable and writeable by everyone. Be certain to secure your database again before you go into production, otherwise somebody is likely to start abusing it.

See the quickstart for the Firebase Database security rules.

    puf

[James Laurenstin]

Yes, it worked for now. Thanks

[Frank van Puffelen]

Great to hear. 

Once you've gone through the initial steps of reading/writing to your database, I highly recommend that you implement Firebase Authentication and reset the security rules to their default state.

[James Laurenstin]

Yes, that sounds like a good idea. Ever since I've migrated to the new Firebase it was giving me those issues.

For now, I'll reset the security rules.

Thanks a lot.

- James

--
You received this message because you are subscribed to a topic in the Google Groups "Firebase Google Group" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/firebase-talk/oXyspJwlgU0/unsubscribe.
To unsubscribe from this group and all its topics, send an email to firebase-tal...@googlegroups.com.
To post to this group, send email to fireba...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/e1609740-713e-4140-96a6-15f6c22cfead%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

[Sudharsan R]

I am trying to hit the database using the access_token as per the REST API documentation. But I get the error as follows. Any help is appreciated.

$ curl https://shorturl-XXXX.firebaseio.com/users.json?access_token=ya29.CjD1Ap1eY1qfNEcW9YZNGD7Vh1UFXh8pfQwiE4KF_0nWAU1D-mGhfeKrS51KrE0lyYk

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100    37  100    37    0     0     56      0 --:--:-- --:--:-- --:--:--    56{

  "error" : "Permission denied."

}

Security rule:

{

  "rules": {

    ".read": "auth !== null",

    ".write": true 

  }

}

[Sudharsan R]

Hi...

I modified the access_token while posing. I am generating a new one here.

$ curl https://shorturl-1267.firebaseio.com/users.json?access_token=ya29.CjD1AmAxJTthwDy9vvPEIQoR6nNHfEi8yM6NaKsYoMQTFiDUT2YFOdmrPLrLrv7M09I

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100    37  100    37    0     0     56      0 --:--:-- --:--:-- --:--:--    56{

  "error" : "Permission denied."

}

Posted with the actual database name and token.

On Thursday, 2 June 2016 15:27:03 UTC-6, Jacob Wenger wrote:

That access token looks malformed. You can verify this by inspecting the decoded token on jwt.io. Are you sure you copied the entirety of it?

Cheers,

Jacob

--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-tal...@googlegroups.com.

To post to this group, send email to fireba...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/015aa58b-c90a-48d6-9c66-76a9e02f5039%40googlegroups.com.

[Jacob Wenger]

Hey  Sudharsan,

Would you mind starting a new thread instead of tagging onto a tangentially related one? Please provide answers to the following questions so we can more easily help you:

• How did you generate the access token you are using?
• How old was the access token? FYI that they expire after one hour.

Please provide the link to the other thread here so that people can follow the conversation.

Jacob

[Sudharsan R]

Sure I am doing it now! Thanks for your help.

[Sudharsan R]

Pls follow the step by step reproduction here -> https://groups.google.com/d/msg/firebase-talk/s0wtW8wCwl8/D7NibHWKAwAJ