my firebase rules used to work but stopped working

152 views
Skip to first unread message

Franciscus Hilhorst

unread,
Aug 16, 2019, 9:44:24 AM8/16/19
to Firebase Google Group
Hi Guys,

From one day to the next my firebase rules stopped working.
The ruleset below used to work both from my app and the firebase console. Then the next time I used firebase console and my app I could not see my database data except for the user table.

'service cloud.firestore {
  match /databases/{database}/documents {
    match /Studio/{id} {
      allow read, write, delete: if studioAccessAllowed(request.auth.uid,id);
      allow create:if request.auth.uid != null;
    }
    match /Studio/{id}/{document=**} {
      allow read, write, delete: if studioAccessAllowed(request.auth.uid,id);
      allow create:if request.auth.uid != null;
    }    
    match /User/{user}{
      allow read, write, delete, create;
    }
    function studioAccessAllowed(userUid,id) {
      return get(/databases/$(database)/documents/User/$(userUid)).data.studioID == id;
    }
  }
}

What I did find out is that the request.auth object is null because I can see my data with the following rules.

service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if request.auth == null;
    }
  }
}

I cannot see a code change having caused this and besides why did the firebase console stop working with my original rules and now work with "if request.autt == null"

I am stumped and need help.

Kato Richardson

unread,
Aug 16, 2019, 12:54:27 PM8/16/19
to Firebase Google Group
Hi Franciscus,

Accessing your data in the Firebase console doesn't depend on your security rules (it's an admin access privilege). So the "Firebase Console stop working" wouldn't have anything to do with your rules settings.

If you're talking about a client app, you'll need to be more specific.

☼, Kato

--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-tal...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/ea278d6e-6305-4c38-803b-011f792ee758%40googlegroups.com.


--

Kato Richardson | Developer Programs Eng | kato...@google.com | 775-235-8398

Franciscus Hilhorst

unread,
Aug 17, 2019, 10:37:06 AM8/17/19
to Firebase Google Group
Hi Kato,

I discovered that the problem occurred when I started my Google Crome browser  with CORS restrictions disabled.
In this case firebase console does respond to rules changes.
So with the following rules I could not see my data in the firebase console.
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if request.auth != null;
    }
  }
}
Changing the rules to the state below immediately restored access on the firebase console
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if request.auth == null;
    }
  }
}

So this is only a problem when I disable CORS restrictions which is still a pain in the neck because I do my angular development that way.
So I have to disable security for development.
For production I can use my original rules so that is good.
Reply all
Reply to author
Forward
0 new messages