'Problem with Firebase Realtime Database rules
I have a problem with the Firebase Realtime Database rules in Linux. I am developing a project making use of its API and I can't get them to work. After reading almost of the docs available I tried it again in a new project with the same results. I am in Ubuntu 20.04.4 LTS and the versions of the tools are updated:
- NPM: 6.14.4
- Mocha: ^9.2.1
- Firebase: 10.2.1
- Firebase testing library: ^0.20.11
I created the project in the Firebase console and initialized it with firebase init (Realtime Database and Emulators) and npm init, then installed the Firebase library for testing (@firebase/testing) and mocha.
I started the Firebase emulators with firebase emulators:start too.
Let me show you the code.
firebase.json
{
"database": {
"rules": "database.rules.json"
},
"emulators": {
"database": {
"port": 9000
},
"ui": {
"enabled": true
}
}
}
database.rules.json
{
"rules": {
".read": false,
".write": false,
"rooms": {
".read": false,
".write": false
}
}
}
package.json
{
"name": "frdrulesproblem",
"version": "1.0.0",
"description": "Firebase Realtime Database rules problem",
"main": "test.js",
"scripts": {
"test": "mocha --exit"
},
"author": "Author",
"license": "ISC",
"devDependencies": {
"mocha": "^9.2.1"
},
"dependencies": {
"@firebase/testing": "^0.20.11"
}
}
test.js (tests access to the data)
const assert = require('assert');
const firebase = require('@firebase/testing');
const MY_PROJECT_ID = "realtime-database-rules-problem";
const myId = "user_abc";
const theirId = "user_xyz";
const myAuth = {uid: myId, email: "[email protected]"};
function getAuthedDatabase(auth) {
return firebase
.initializeTestApp({databaseName: MY_PROJECT_ID, auth: auth})
.database();
}
describe("", () => {
it("Shouldn't be able to read elements in the collection", async () => {
const userAbc = getAuthedDatabase(null);
await firebase.assertFails(userAbc.ref("rooms").once("value"));
});
it("Can read elements in the collection despite having denied read access", async () => {
const userAbc = getAuthedDatabase(null);
await firebase.assertSucceeds(userAbc.ref("rooms").once("value"));
});
});
The result of the tests:
> [email protected] test /home/author/Dev/FRDRulesProblem
> mocha --exit
1) Shouldn't be able to read elements in the collection
✔ Can read elements in the collection despite having denied read access
1 passing (65ms)
1 failing
1)
Shouldn't be able to read elements in the collection:
Error: Expected request to fail, but it succeeded.
at /home/author/Dev/FRDRulesProblem/node_modules/@firebase/testing/dist/index.cjs.js:257:31
at process._tickCallback (internal/process/next_tick.js:68:7)
npm ERR! Test failed. See above for more details.
When I open the local link to the Firebase emulator (http://localhost:9000/.inspect/coverage) it shows a wrong declaration of rules:
{
"rules": {
".read": true,
".write": true
}
}
I saw a similar issue in the internet but it was old and related to Windows. I am new to Firebase and testing but I think the code is right.
Solution 1:[1]
please try this way might be it's Help you No Security
These rules give anyone, even people who are not users of your app, read and write
access to your database. During development, you can use the public rules in place of the default rules to set your files publicly readable and writable. This can be useful for prototyping, as you can get started without setting upAuthentication. This level of access means anyone can read or write to your database. You should configure more secure rules before launching your app.
//No Security
{
“rules”: {
“.read”: true,
“.write”: true
}
}
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | RONAK SUTARIYA |