
I have a Flutter app that is generating the following error that is displayed above the app bar

 [cloud_firestore/permission-denied] The caller does not have

The error occurs when:

1. The current app user logs out of my app.
2. The login screen is presented.
3. The user logs in with a different user email/password.

The error occurs AFTER the user has logged in.

No error logs appear in the IDE

I have the following Firestore rule set up

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents/{collection} {
    match /{document=**} {
      allow read, write: if request.auth != null
    }
  }
}

Any suggestions?

2 Answers


  1. Chosen as BEST ANSWER

    Resolved. The problem was a RiverPod StreamProvider that was calling a Firebase stream, and the RiverPod provider was missing the 'autodispose' suffix.

    Without the 'autodispose' suffix the Firebase stream with the old user credentials was kept alive for the new user.
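
The fix described in the accepted answer, as an added sketch that is not the poster's code. It assumes `flutter_riverpod`, `firebase_auth` and `cloud_firestore`; the `notes` collection and all provider names are hypothetical.

```dart
import 'package:cloud_firestore/cloud_firestore.dart';
import 'package:firebase_auth/firebase_auth.dart';
import 'package:flutter_riverpod/flutter_riverpod.dart';

// Emits the signed-in user, or null once the user has signed out.
final authStateProvider = StreamProvider<User?>(
  (ref) => FirebaseAuth.instance.authStateChanges(),
);

// BEFORE: no autoDispose. The Firestore stream opened for the first user
// is kept alive after the UI stops watching it, so it survives logout and
// is still attached when the next user logs in.
final notesKeptAliveProvider =
    StreamProvider<QuerySnapshot<Map<String, dynamic>>>(
  (ref) => FirebaseFirestore.instance
      .collection('notes') // hypothetical collection name
      .snapshots(),
);

// AFTER: autoDispose cancels the Firestore stream as soon as no widget
// watches the provider (for example when the login screen replaces the
// home screen). Watching the auth state also rebuilds the provider for
// each new user, so a stream is never shared between two sessions.
final notesProvider =
    StreamProvider.autoDispose<QuerySnapshot<Map<String, dynamic>>>((ref) {
  final user = ref.watch(authStateProvider).value;
  if (user == null) {
    // Signed out: open no Firestore stream, because the rule
    // `request.auth != null` would reject it.
    return Stream.empty();
  }
  return FirebaseFirestore.instance
      .collection('notes') // hypothetical collection name
      .snapshots();
});
```
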


  2. Firestore security rules are not wildcard-matched by default. Accordingly, if you specify a rule for a certain document or collection, it won't necessarily match documents or subcollections with the same level but different names. For any single document or collection you want to safeguard, rules must be explicitly defined.

    You must specifically set rules for each level if you want security rules to be applied recursively to all documents in a collection or subcollection.

    Here is an example of a Security Rule:

    service cloud.firestore {
      match /databases/{database}/documents {
        // Collections
        match /users/{userId} {
          allow read, write: if request.auth != null && request.auth.uid == userId;
        }
    
        match /cities/{citiesID} {
          allow read: if true;
          allow create: if request.auth != null;
          allow update, delete: if resource.data.userId == request.auth.uid;
        }
    
        // By default, the fallback rule denies access.
        match /{document=**} {
          allow read, write: if false;
        }
      }
    }
    

    You may refer to this documentation about Writing Rules in Cloud Firestore Security Rules and Structuring Cloud Firestore Security Rules.

    You may also check these Stack Overflow answers that might help you.
