No access to firebase

Capacitor
1

I have an app (Ionic Angular Capacitor 2) calling some object in a Firebase realtime database. It have been working fine with access rules and anonymous auth. But after some modules updating (Don’t know if thats the problem) i get permission denied when calling the db. This is happening in both web and on ios/android. I’ve read all pages from google and here. But mostly the problem is firestore rules on Realtime db or solved by setting .read/.write rules to true.

If i serve the app in chrome. And i serve my firebase hosted backend-app in another tab. The app starts working…

I’ve made a completely new projekt and copied the src folder, added all plugins from npm updated to capacitor 3, still the same problem…

This is the auth called on OnInit() when user is created or logged in, continueLoad() is called:

async loginAndLoad() {
  // create anonymous user if not exists and/or log in
 await this.fireauth.signInAnonymously().catch((error) => {
     console.log('Login error: ' + error.code);
     console.log('Login error message: ' + error.message);
  });
 // trigger state change, when user is logged in
  this.fireauth.onAuthStateChanged((user) => {
 
    if (user.isAnonymous) {
      var isAnonymous = user.isAnonymous;
      var uid = user.uid;
      console.log('User added: ' + isAnonymous);
      console.log('User uid: ' + uid);
      // We have a signed in user, go on.. Else throw error
         this.continueLoad();
    } else {
          this.loginAndLoad();
        }
  });
}

Example of database call, this i called from this.continueLoad():

async getElements() {
     const elements = this.db.list('settings/elements/da/');
     const subscribe = await elements.snapshotChanges().subscribe(res => {
           subscribe.unsubscribe();
       let array = [];
       res.forEach(child => {
         let a: any;
          a = child.payload.toJSON();
           if (a.status == "published") {
            array.push({key: child.key,title: a.title});
          }
       })
        this.storage.set('elements', JSON.stringify(array));
     })
}

This is the Realtime database rules:

{
 "rules": {
   ".write": "!data.exists()",
   "products": {
       ".read": "auth.uid != null",
       ".write": "auth.uid != null",
       ".indexOn": ["stats", "status", "user_warn", "image_approved", "image_added", "note", "description","title","date_published","date_edited","date_added"]
   },
   "searchwords": {
       ".read": "auth.uid != null",
       ".write": "auth.uid != null"  
   },
   "users": {
       ".read": "auth.uid != null",
       ".write": "auth.uid != null && auth.provider != 'anonymous'"
   },
   "settings": {
       ".read": "auth.uid != null",
       ".write": "auth.uid != null && auth.provider != 'anonymous'"
   },
   "routes": {
       ".read": "auth.uid != null",
       ".write": "auth.uid != null && auth.provider != 'anonymous'"
   },
   "campaigns": {
       ".read": "auth.uid != null",
       ".write": "auth.uid != null && auth.provider != 'anonymous'"
   }  
 }
}

Here is the Ionic info:

Ionic:

   Ionic CLI                     : 6.16.1 (/usr/local/lib/node_modules/@ionic/cli)
   Ionic Framework               : @ionic/angular 5.6.7
   @angular-devkit/build-angular : 0.1102.13
   @angular-devkit/schematics    : 11.2.13
   @angular/cli                  : 11.2.13
   @ionic/angular-toolkit        : 3.1.1

Capacitor:

   Capacitor CLI      : 3.0.0
   @capacitor/android : not installed
   @capacitor/core    : 3.0.0
   @capacitor/ios     : 3.0.0

Utility:

   cordova-res : 0.15.3
   native-run  : 1.3.0

System:

   NodeJS : v12.16.2 (/usr/local/bin/node)
   npm    : 6.14.4
   OS     : macOS Big Sur

This is so frustrating… Hope there is some one with a logic idea of the problem i’ve asked the question on StackOverflow, but without help…

2

I think there is an emulator in the firebase console you can use to test a query and then it will tell which rule kicked you out.

In the end of the ride, I believe you need to work on your rules and later stage code

(ps - use rxjs take(1) to reduce the direct unsubscription in the code - that to me what you are doing is a bit ugly)

3

Hi thanks for det reply, I take a look at the rxjs :slight_smile: I have tried in the firebase rules playground with correct results. I have a suspicion that the system that get data from firebase RealTime database, dont get the token from the firebase Auth system (AngularFire)…

4

Finally i found the problem. As mentioned in the beginning som plugins were updated. (After trying a new plugin).
So after hours and hours of debuggin. I downgraded to Firebase 8.1.2 and @angular/fire to 6.1.5 everything worked again…

1 Like
5

Unless there’s something I’m missing here (entirely possible), I think I’d recommend first() instead. They’re functionally identical in most cases, except for how they handle the situation where the underlying Observable completes without emitting anything. take(1) will silently eat that situation, whereas first() will raise an error, letting you know affirmatively that something you were expecting to happen didn’t.

1 Like
6

Im actually using first here:

// Check if user is logged in
isLoggedIn() {
   return this.fireauth.authState.pipe(first()).toPromise();
}
7

The firebase emulators in recent versions are checking the server-deployed firebase access rules rather than your local rule definitions in the emulator. So you need to update your rules on the firebase server to gain access to the emulator data…this I suppose helps when you have entered rules on the firebase console by hand but are using emulators to serve the data itself.