Develop Reference

Image upload in firebase storage

I am getting the following error when trying to upload an image in my firebase storage.
Firebase Storage: User does not have permission to access 'images/istockphoto-1071305262-612x612-removebg-preview.png'. (storage/unauthorized)
Below are my db rules:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if
request.time < timestamp.date(2022, 2, 9);
}
}
}
Below are the storage rules:
rules_version = '2';
service firebase.storage {
match /b/{bucket}/o {
match /{allPaths=**} {
allow read, write: if request.auth != null;
}
}
}

Firestore permission error in test database mode

I know that questions about Firestore permission errors have been asked a lot, but my situation may be unique. This is because of three things:
my database is in test mode which should allow access to anyone (right?)
I am getting the error while simulating my app with an authenticated firebase user
I am able to write data--the error only happened while reading it.
Here are my security rules:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if
request.time < timestamp.date(2021, 12, 31);
}
}
}
Here is a screenshot of a description of Firestore's test database mode:
The actual error I got was this:
Error: Error Domain=FIRStorageErrorDomain Code=-13021 "User does not have permission
to access gs://zimmerfour.appspot.com/senderID." UserInfo={object=senderID,
ResponseBody={
"error": {
"code": 403,
"message": "Permission denied. Please enable Firebase Storage for your bucket by visiting the Storage tab in the Firebase Console and ensure that you have sufficient permission to properly provision resources."
EDIT:
I haven't changed the overall Cloud Storage rules. They are still set to the default of:
service firebase.storage {
match /b/{bucket}/o {
match /{allPaths=**} {
allow read, write: if request.auth != null;
}
}
}

The error message is coming from Cloud Storage for Firebase (as indicated by FIRStorageErrorDomain and the error message), which is protected by its own set of security rules in your project.

Try this method, it worked for me :)
// if you want to allow for all to read, write
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write;
}
}
}
// if you want to allow for all to read, and authenticated users to write
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read;
allow write: if request.auth != null;
}
}
}
// if you want to allow for only authenticated users to write or read
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth != null;
}
}
}

Firebase rules change

I want to stop reading data from firebase by using rules change. Here is the rules:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write;
}
}
}
I want to disallow all. How to do that ?

Change this:
allow read, write;
to this:
allow read, write: if false;

Flutter - [Firebase] Your Cloud Firestore database has insecure rules

I Don't know why I am getting this mail, I never used Firebase Database in my flutter project,
After clicking on the hyperlink it redirects to this code
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if true;
}
}
}

If you do not intend to to use Cloud Firestore Database at all in your project, I'd suggest turning off all read/writes. That will also stop the email-reminders of the insecure rules.
Simply change the allow read, write: if true; to allow read, write: if false;
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if false;
}
}
}

Firebase firestore security rules not working

I have a really simple firestore db that looks like the image above.
I want to write a security rule so that only authenticated users can get in, but whatever I write, I always get permission denied.
I have tried:
rules_version = '2';
service cloud.firestore {
match /users/{user} {
allow read, write: if request.auth.uid == user
match / {docs = **} {
allow read, write: if request.auth.uid == user
}
}
}
I also tried:
rules_version = '2';
service cloud.firestore {
match /users/{user} {
allow read, write: if request.auth.uid == user
match / {docs = **} {
allow read, write: if request.auth.uid == user
}
}
}
I also tried:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /users/{userId}/{documents=**} {
allow read, write: if isOwner(userId);
}
}
function isOwner(userId) {
return request.auth.uid == userId;
}
}
This does not work:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /sessions/{sessionID} {
allow read, write: if request.auth != null;
}
}
}
Neither does this:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /sessions/{sessionsID} {
allow read, write: if request.auth != null;
}
}
}

I tried to compare my rules with your database structure.
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /sessions/{sessionID=**} {
allow read, write: if request.auth.uid != null;
}
}
Now this should allow only registered users to gain access.