Develop Reference

403 error on downloadUrl (Kotlin) in Firebase Storage

Getting this error:
E/StorageUtil: error getting token java.util.concurrent.ExecutionException: com.google.firebase.internal.api.FirebaseNoSignedInUserException: Please sign in before trying to get a token.
This too:
E/StorageException: StorageException has occurred.
The user does not have permission to access this object.
Code: -13021 HttpResult: 403
E/StorageException: { "error": { "code": 403, "message": "Permission denied." }}
java.io.IOException: { "error": { "code": 403, "message": "Permission denied." }}
When this code is hit in my android app:
val urlTask = uploadTask?.continueWithTask { task ->
if (!task.isSuccessful) {
Toast.makeText(context, "Upload to Cloud Failed!", Toast.LENGTH_SHORT).show()
task.exception?.let {
throw it
}
} imagesRef?.downloadUrl.....ERROR IS GENERATED HERE...
Started when I turned on email/password authorization and turned off the anonymous sign in, however, I turned the anonymous sign-in back on and make sure auth is not null before starting the upload.
val auth = Firebase.auth
val user = auth.currentUser
ALSO, IT SAVES THE UPLOADED IMAGES TO STORAGE NO PROBLEM...but won't download the Url.
Here are the rules in place for my Firebase Storage:
rules_version = '2';
service firebase.storage {
match /b/{bucket}/o {
match /images/{imageId} {
allow write: if request.auth != null;
allow read: if request.auth != null;
}
}
}
I have not been able to find an answer to why it will upload but not download the URL.

The problem in your code is present due to the fact that your user is not authenticated when you try to read the file from Cloud Storage. To be able to read a file, you should always make sure your use is authenticated in Firebase. That being said, please check the FirebaseUser object against nullity before performing Cloud Storage operations.

Custom claims set in cloud functions do not show up in cloud rules of firebase storage

I'm trying to set custom claims using the following:
admin.auth().setCustomUserClaims(user.uid, {['hguwukrpyrwxerqr679p']: true});
where hguwukrpyrwxerqr679p is a unique ID of an object in the firestore database. This object, when it was created, has its own bucket. This bucket has the following security rule:
rules_version = '2';
service firebase.storage {
match /b/{bucket}/o {
allow read: if request.auth.token[bucket];
allow write: if false;
}
}
Unfortunately, this does not work and I get a 403 error code. I don't know why and I've tried simulating the request in the rule-playground of firebase storage, using the user from above. The token section does not show any custom claims at all, but it should, shouldn't it?
I've been at it for quite a few hours now, trying out various methods, even setting the claims manually in a cloud function. Can someone point me in the right direction or give hints on how to debug this problem correctly? When debugging a cloud function by executing
console.log(Object.keys(await admin.auth().getUser(uid).customClaims));
it shows the correct contents.

Rules stored in the root of a bucket are somehow ignored.
rules_version = '2';
service firebase.storage {
match /b/{bucket}/o {
allow read: if request.auth.token[bucket];
allow write: if false;
}
}
Instead, a wildcard should be used
rules_version = '2';
service firebase.storage {
match /b/{bucket}/o {
match /{somePath=**} {
allow read: if request.auth.token[bucket];
allow write: if false;
}
}
}
I'm not sure if this should be accepted as an answer since it's only partially relevant to the problem.

Permission to use Firebase Cloud Storage has been refused. This operation could not be completed. When fetching a downloadURL, use firebase

I have such a code that publishes a picture to my online storage buckets properly.
I'd want to retrieve the picture's URL using another function so that I may display it on my page.
"error": {
"code": 403,
"message": "Permission denied. Could not perform this operation"
}

buddy this works great for me
service firebase.storage {
match /b/{bucket}/o {
match /images/{imageId} {
// Only allow uploads of any image file that's less than 5MB
allow write: if request.resource.size < 5 * 1024 * 1024
&& request.resource.contentType.matches('image/.*');
}
}
}

How to send Firestore request with request.auth != null with Firebase authentication?

I'm trying to allow users to read and write to my Firestore videoFeedback collection from a web app and getting a "Missing or insufficient permissions" error. How do I make sure that my request to Firestore is sent with the correct user authentication (or any authentication at all)?
This is for an Angular app using Firestore and anonymous Firebase authentication. I have already set up an anonymous user. I would like to add a document to my videoFeedback collection from the web app, not the backend. I've already read the official pages on Firestore docs:
Authenticate Anonymously with Firebase
Get Started with Firebase Authentication on Websites
and many more, plus read all SO questions on this topic.
My Firestore object is already set up correctly (I know because I can read/write to the DB if my security rules don't require a non-null request.auth).
Your help is greatly appreciated.
private db: AngularFirestore;
public initFirebaseApp() {
firebase.initializeApp(this.firebaseConfig);
}
public anonymousAuth() {
firebase.auth().signInAnonymously().catch(function(error) {
console.log("ERROR: " + String(error.errorCode) +
" " + String(error.errorMessage))
});
console.log("User is authorized");
}
this.initFirebaseApp();
this.anonymousAuth();
let date_created = new Date().toLocaleString();
let feedback = {
"feedback": "FAKE_FEEDBACK",
"rating": -1,
'created': date_created,
};
firebase.auth().onAuthStateChanged(function(user) {
if (user) {
console.log(user.uid)
this.db.collection('videoFeedback').add(feedback);
}
}.bind(this));
And my security rules look like this
service cloud.firestore {
match /databases/{database}/documents {
match /videoFeedback/{feedback} {
allow read, write: if request.auth != null;
}
}
}
With this configuration, I get the following output:
User is authorized
JAZe9dsIMtdyNe2dhndleIcn9nd2
ERROR Error: Uncaught (in promise): FirebaseError: [code=permission-denied]: Missing or insufficient permissions.
FirebaseError: Missing or insufficient permissions.
at new FirestoreError (index.cjs.js:352)
at index.cjs.js:7274
at Y.<anonymous> (index.cjs.js:7219)
...
When I replace my security rule with
service cloud.firestore {
match /databases/{database}/documents {
match /videoFeedback/{feedback} {
allow read, write;
}
}
}
I get the same, minus the permissions error. This makes me think that it's an issue with the way my request is being sent, not with the data I'm sending or with the setup of the Firestore database.
User is authorized
JAZe9dsIMtdyNe2dhndleIcn9nd2 (or some random string)
What do I need to do to send my request with a non-null request.auth.uid?

Error: permission_denied at /items: Client doesn't have permission to access the desired data

I can neither receive nor write data in the Cloud Firestore (Firebase). I do everything in an application based on Ember.
In the file config/environment.js were added all the data from the "console" Firebase.
I also changed the access rules for testing:
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if true;
}
}
}
When I try to retrieve the data:
model () {
return this.store.findAll('item')
// or
// return this.store.query('project', { orderBy: 'title' })
}
I'm getting errors:
Error while processing route: index – "permission_denied at /items: Client doesn't have permission to access the desired data."
And:
Error: permission_denied at /items: Client doesn't have permission to access the desired data.
What is the problem?

You need to modify firebase rules :
{
"rules": {
".read": "true",
".write": "true"
}
}