javascript google-cloud-firestore nuxt.js firebase-security

(Nuxtjs+ Firebase Firestore) FirebaseError: Missing or insufficient permissions

i use Nuxt.js + Firebase Firestore and i try to get data from collection name is TestCollection but show

Error getting document: FirebaseError: Missing or insufficient permissions.

here is my firestore collection.

my localhost display this.

Error getting document: FirebaseError: Missing or insufficient permissions.
    at new n (prebuilt-306f43d8-45d6f0b9.js?a6a6:188)
    at eval (prebuilt-306f43d8-45d6f0b9.js?a6a6:10426)
    at eval (prebuilt-306f43d8-45d6f0b9.js?a6a6:10427)
    at n.onMessage (prebuilt-306f43d8-45d6f0b9.js?a6a6:10449)
    at eval (prebuilt-306f43d8-45d6f0b9.js?a6a6:10366)
    at eval (prebuilt-306f43d8-45d6f0b9.js?a6a6:10397)
    at eval (prebuilt-306f43d8-45d6f0b9.js?a6a6:15160)
    at eval (prebuilt-306f43d8-45d6f0b9.js?a6a6:15218)

here is method who call collection.

async testPost(){
      try{
         await this.$fire.firestore.collection('TestCollection').get()
          .then((docs) => {
            console.log('docs:', docs)
          if (docs) {
            docs.forEach((doc) => {
              console.log(doc.data())
            })
          } else {
            console.log('No such document!')
          }
        }).catch((error) => {
          console.log('Error getting document:', error)
        })
      }catch (err){
        console.log(err)
      }
    },

in nuxt.config.js

modules: [
    // https://go.nuxtjs.dev/axios
    '@nuxtjs/axios',
    ['@nuxtjs/firebase', {
      config: {
        apiKey: process.env.FIREBASE_API_KEY,
        authDomain: process.env.FIREBASE_AUTH_DOMAIN,
        projectId: process.env.FIREBASE_PROJECT_ID,
        storageBucket: process.env.FIREBASE_STORAGE_BUCKET,
        messagingSenderId: process.env.FIREBASE_MESSAGING_SENDER_ID,
        appId: process.env.FIREBASE_APP_ID,
        measurementId: process.env.FIREBASE_MEASUREMENT_ID,
      },

      services: {
        firestore: true,
        storage: true,
        database: true,
      },
    }],
  ],

in database.rules.json

{
  "rules": {
    "users": {
      "$uid": {
        ".read": "$uid === auth.uid",
        ".write": "false"
      }
    },
    "cases": {
      ".read": true
    }
  }
}

in filetore.rules

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if false;
    }
  }
}

Solution

Your security rules allow nobody to read any data from Firestore:

match /{document=**} {
  allow read, write: if false;
}

So the fact that your code that tries to read data from the database gets rejected by these rules is working as intended.

These are the default rules, so I highly recommend reading the documentation on securing your database both for Firestore specifically and for Firebase overall.

You'll want to start with the minimal change to your rules that allows your code to work, known as the principle of least privilege. Given the code you shared, that'd be:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if false;
    }
    match /TestCollection/{doc} {
      allow read: if true;
    }
  }
}

So now we allow anyone in the world to read the entire TestCollection, as that's what your code seems to do, but we still disallow all other operations.