Java Firebase实时数据库的权限被拒绝
我有这样设置的firebase数据库规则Java Firebase实时数据库的权限被拒绝,java,android,firebase,firebase-realtime-database,firebase-security,Java,Android,Firebase,Firebase Realtime Database,Firebase Security,我有这样设置的firebase数据库规则 "Users":{ "$user_id":{ "Name":{ ".read":"auth != null", ".write":"auth.uid == $user_id"
"Users":{
"$user_id":{
"Name":{
".read":"auth != null",
".write":"auth.uid == $user_id"
},
"Email":{
".read":"auth != null",
".write":"auth.uid == $user_id"
},
"Address":{
".read":"auth != null",
".write":"auth.uid == $user_id"
},
"Photo":{
".read":"auth != null",
".write":"auth.uid == $user_id"
},
"Number":{
".read":"auth.uid == $user_id",
".write":"auth.uid == $user_id"
}
,
"Current":{
".read":"auth != null",
".write":"auth.uid == $user_id"
}
}
}
发出请求的代码
FirebaseAuth mAuth = FirebaseAuth.getInstance();
DatabaseReference userRef = FirebaseDatabase.getInstance().getReference().child(FirebaseConstants.USERS).child(mAuth.getCurrentUser().getUid());
if(mAuth.getCurrentUser() !=null)
{
Log.i("DetailsActivity","User id "+mAuth.getCurrentUser().getUid());
}
else
{
Log.i("DetailsActivity","User not authenticated");
}
userRef.addListenerForSingleValueEvent(new ValueEventListener() {
@Override
public void onDataChange(@NonNull DataSnapshot dataSnapshot) {
if(dataSnapshot.hasChild(FirebaseConstants.NAME))
{
Name = dataSnapshot.child(FirebaseConstants.NAME).getValue().toString();
UserNameEdittext.append(Name);
}
if(dataSnapshot.hasChild(FirebaseConstants.EMAIL))
{
Email = dataSnapshot.child(FirebaseConstants.EMAIL).getValue().toString();
UserEmailEdittext.append(Email);
}
userInfoProgressbar.setVisibility(View.INVISIBLE);
}
@Override
public void onCancelled(@NonNull DatabaseError databaseError) {
userInfoProgressbar.setVisibility(View.INVISIBLE);
Log.i("DetailsActivity","error "+databaseError);
}
});
记录的结果
I/DetailsActivity: User id KfiIFOEGWQZIc5UREqX8qo4Nmkn1
I/DetailsActivity: error DatabaseError: Permission denied
当通过身份验证的用户向用户节点下的$user\u id节点发出请求时,会导致权限被拒绝错误。Firebase数据库规则以原子方式工作,但所有读取权限都在检查他是经过身份验证的用户还是正在访问自己的数据。当用户读取自己的数据且所有读取条件都满足,但仍获得权限被拒绝时错误
但是当我试图单独读取这些字段时,没有错误
userRef.child(FirebaseConstants.NAME).addListenerForSingleValueEvent(new ValueEventListener() {
@Override
public void onDataChange(@NonNull DataSnapshot dataSnapshot) {
if(dataSnapshot.exists())
{
Name = dataSnapshot.getValue().toString();
Log.i("DetailsActivity","Name "+Name);
}
}
@Override
public void onCancelled(@NonNull DatabaseError databaseError) {
userInfoProgressbar.setVisibility(View.INVISIBLE);
Log.i("DetailsActivity","error "+databaseError);
}
});
我把日志当作
I/DetailsActivity: Name elsonjose
感谢您的帮助。
提前感谢。假设您的默认设置为:
"rules": {
".read": false,
".write": false,
您确实为单个字段设置了规则,但在读取整个用户记录时可能会遇到“权限被拒绝”,因为您没有为“$user\u id”
路径本身设置任何规则。尝试添加:
"Users": {
"$user_id": {
// Allow only authenticated content owners access to their data
".read": "auth != null && auth.uid == $user_id",
".write": "auth != null && auth.uid == $user_id"
}
...
请编辑问题以显示执行查询的代码。在该示例中,还可以说明您确定用户在查询时已登录。请尝试以下方法:@Sadegh尝试刷新google-services.json,但没有成功。是的,这是可行的,但我想允许某些用户只访问特定的数据。在浏览文档之后,我发现我们不能真正使用firebase规则来过滤用户。对于筛选用户,我发现一些有用的链接是[[如果你想让用户角色和规则围绕他们,你可以在存储用户属性的数据库中创建一个“profiles”集合。这是我所知道的纯粹使用firebase工具实现功能的唯一方法。