User Already Authenticated in App and Firebase Realtime Database Returns Failed: Permission_Denied

User already authenticated in app and Firebase realtime database returns failed: permission_denied

Your rules are correct, the only issue is that when writing to your database, you need to say that the userID is under the users node. Remember to initialize your database like this:

let ref = Database.database().reference()

Here's your updated WRITE code:

ref.child("users/\(userID)/FirstName").setValue(firstName.text!)

Personally, I like to create an extension for DataSnapshot to make getting fields easier:

extension DataSnapshot {
    func get(_ field: String) -> Any? {
        return (value as? [String : Any])?[field]
    }
}

Just copy and paste that anywhere outside of a ViewController. Using this function, you can refactor your READ code to this:

guard snapshot.exists() else { return print("Invalid User ID") }
self.firstNameLabel.text = snapshot.get("FirstName") as? String

As a sidenote, it is convention for Firebase fields to be lowerCamelCase, like variables are in Swift.

Firebase Permission Denied

By default the database in a project in the Firebase Console is only readable/writeable by administrative users (e.g. in Cloud Functions, or processes that use an Admin SDK). Users of the regular client-side SDKs can't access the database, unless you change the server-side security rules.

---

You can change the rules so that the database is only readable/writeable by authenticated users:

{
  "rules": {
    ".read": "auth != null",
    ".write": "auth != null"
  }
}

See the quickstart for the Firebase Database security rules.

But since you're not signing the user in from your code, the database denies you access to the data. To solve that you will either need to allow unauthenticated access to your database, or sign in the user before accessing the database.

Allow unauthenticated access to your database

The simplest workaround for the moment (until the tutorial gets updated) is to go into the Database panel in the console for you project, select the Rules tab and replace the contents with these rules:

{
  "rules": {
    ".read": true,
    ".write": true
  }
}

This makes your new database readable and writeable by anyone who knows the database's URL. Be sure to secure your database again before you go into production, otherwise somebody is likely to start abusing it.

Sign in the user before accessing the database

For a (slightly) more time-consuming, but more secure, solution, call one of the signIn... methods of Firebase Authentication to ensure the user is signed in before accessing the database. The simplest way to do this is using anonymous authentication:

firebase.auth().signInAnonymously().catch(function(error) {
  // Handle Errors here.
  var errorCode = error.code;
  var errorMessage = error.message;
  // ...
});

And then attach your listeners when the sign-in is detected

firebase.auth().onAuthStateChanged(function(user) {
  if (user) {
    // User is signed in.
    var isAnonymous = user.isAnonymous;
    var uid = user.uid;
    var userRef = app.dataInfo.child(app.users);
    
    var useridRef = userRef.child(app.userid);
    
    useridRef.set({
      locations: "",
      theme: "",
      colorScheme: "",
      food: ""
    });

  } else {
    // User is signed out.
    // ...
  }
  // ...
});

PERMISSION_DENIED (rules set for wrong database product)

Ok, i found it myself how to do it.

Go to database, next to title there are 2 options:

Cloud Firestore,
Realtime database

Select Realtime database and go to rules

change rules to true.

This solved my problem.

Flutter Firebase database permission denied after successful authentication

After I found that issue is only on IOS, I figured it must be something wrong with my configuration and that was it.
After correctly importing GoogleService-Info.plist based on this video: https://youtu.be/3nFIMej3Tvw it worked fine.

Realtime database firebase rules - denied permission

From the error message it looks like you're attaching a listener to the root of the database. When you try to do this, Firebase checks if you have permission to read the root. Your rules grant nobody permission to read the root of the database, so the read is rejects.

It is important to realize that rules don't filter data, but they merely enforce that all access to the data follows the rules. Since you only grant access to /users/$uid, you can only attach a listener to /users/$uid or lower.

The solution is to move the path building that you now do inside onDataChange to just outside of that:

database
  .child(App.res.getString(R.string.word_user))
  .child(prefs.user_id.toString())
  .child("expenses")
  .addListenerForSingleValueEvent(object : ValueEventListener {
    override fun onDataChange(dataSnapshot: DataSnapshot) {
        for (snapshot in dataSnapshot.children) {
            ...

This not only ensures your code is allowed to read the data, but also means it tries to download much less data (which saves both you and your users money and time).

Also see:

• the Firebase documentation explaining that rules are not filters
• this question on the topic: https://stackoverflow.com/a/14298525
• many other questions about rules not being filters.

firebase permission_denied when running program

Good to hear that you have solve it (I read it in the comment section) , but I wanted anyway to write this answer because I get a similar problem in the past.
So by default firebase database only readable/writeable by authenticated users(if you take a look at rules inside your firebase console you will find the following):

  {
  "rules": {
    ".read": "auth != null",
    ".write": "auth != null"
  }
}

So to let a non authenticated user read/ write data you should change the rules to the following

{
  "rules": {
    ".read": true,
    ".write": true
  }
}

and this was the solution for me.

---

Related Topics