W / SyncTree:在/ Products上侦听失败:DatabaseError:权限被拒绝?
[英]W/SyncTree: Listen at /Products failed: DatabaseError: Permission denied?
问题描述
I am developing a rudimentary delivery app using android studio and I am using Firebase as the database. 
我正在使用android studio开发一个基本的交付应用程序,并且正在使用Firebase作为数据库。 I need to save the user info and also products that all the users can select from. 我需要保存用户信息以及所有用户可以选择的产品。 So basically each user has access to only their details but each user can access details from all the Products. 因此,基本上每个用户只能访问其详细信息,但每个用户都可以访问所有产品的详细信息。 Here are my rules for the database: 这是我的数据库规则:
{
"rules": {
"users": {
"$uid": {
".read": "auth != null",
".write": "auth != null"
}
},"Products": {
"$uid": {
".read": true,
".write": true
}
}
}
}
And the database structure: 以及数据库结构:
pat-2017-42536
Products
1
Description: "Product description"
Name: "Name of product"
Price: "Price of product"
2
Description: "Product description"
Name: "Name of product"
Price: "Price of product"
etc...
I tried changing the permissions to true as some previous questions suggested but it still keeps giving me this error: 我尝试将权限更改为true,如先前的一些问题所建议的那样,但它仍然不断给我这个错误:
W/SyncTree: Listen at /Products failed: DatabaseError: Permission denied
This is in my onCreate in Andoid Studio: 这是在Andoid Studio中的onCreate中:
databaseProducts = FirebaseDatabase.getInstance().getReference("Products");
databaseProducts.addValueEventListener(new ValueEventListener() {
@Override
public void onDataChange(DataSnapshot dataSnapshot) {
showData(dataSnapshot);
}
@Override
public void onCancelled(DatabaseError databaseError) {
}
});
Here is the method that is supposed to fetch the product details: 这是应该获取产品详细信息的方法:
private void showData(DataSnapshot dataSnapshot) {
for(DataSnapshot productSnapShot: dataSnapshot.getChildren()){
Product product = productSnapShot.getValue(Product.class);
product.setName(productSnapShot.child("item").getValue(Product.class).getName());
product.setDescription(productSnapShot.child("item").getValue(Product.class).getDescription());
product.setPrice(productSnapShot.child("item").getValue(Product.class).getPrice());
ArrayList<String> array = new ArrayList<>();
array.add(product.getName());
array.add(product.getDescription());
array.add("R" + product.getPrice() + ".00");
Log.d(TAG,"showData: name " + product.getName());
Log.d(TAG,"showData: description " + product.getDescription());
Log.d(TAG,"showData: price " + product.getPrice());
ArrayAdapter adapter = new ArrayAdapter(CustomerActivity.this,android.R.layout.simple_expandable_list_item_1,array);
listViewProducts.setAdapter(adapter);
}
}
It is probably a simple error but I can't seem to find it. 这可能是一个简单的错误,但我似乎找不到。 Any help? 有什么帮助吗?
3 个解决方案
解决方案1
0 2017-09-08 08:34:13
The problem is that you try to read at /Products while you allow read at /Products/Something . 问题是您尝试在/Products读取,而又允许在/Products/Something读取。 Enable read at Products node. 在“ Products节点上启用读取。
Your rules should be something like 您的规则应类似于
{
"rules": {
"users": {
"$uid": {
".read": "auth != null",
".write": "auth != null"
}
},
"Products": {
".read": true,
".write": true
}
}
}
解决方案2
0 2018-06-03 19:05:48
I don't think the above answer Birendra provided will do what you want it to. 我认为Birendra提供的上述答案不会满足您的要求。 I believe that that will allow any authenticated user to read and write in any other specific users id. 我相信,这将允许任何经过身份验证的用户读取和写入其他任何特定用户的ID。 This is the same as the default rules, but just specific to the users id. 这与默认规则相同,只是特定于用户标识。 He is right about the fact that you have it set up so that it is looking for /Products/$uid and so if you want anyone at all (whether authenticated or not) to both read and write to your products list then that would be the rules--but I can't imagine that you want your products list to be modifiable by everyone . 他是对的事实,你把它设置,以便它正在寻找/产品/ $ UID所以如果你想在所有的人 (无论是否验证过),以读取和写入到您的产品列表,那么这将是规则-但是我无法想象您希望每个人都可以修改您的产品清单。 From what I understand you want users to be able to read and write their own account info, but everybody can access the products. 据我了解,您希望用户能够读写自己的帐户信息,但是每个人都可以访问产品。 I'm not sure if you only want authenticated users to be able to view the products or not, so I'll include the rules for both. 我不确定您是否只希望通过身份验证的用户能够查看产品,所以我将同时包括这两个规则。 Remember, your read and write rules do NOT have to be the same for a particular node. 请记住,特定节点的读写规则不必相同。 So if you wanted to have every authenticated user be able to see the information of other users but only that particular user can write to their own profile, and if you want your "products" to be viewable by the general public (authentication not required), but you obviously don't want the public messing with your products you could have rules like this: 因此,如果您想让每个经过身份验证的用户都能看到其他用户的信息,但只有该特定用户可以写自己的个人资料,并且希望公众可以查看您的“产品”(不需要身份验证) ,但是您显然不希望公众将您的产品弄乱,因此您可以制定如下规则:
{
"rules": {
"users": {
".read": "auth != null", //all authenticated users can read the information from the "users" node.
"$uid": {
".write": "$uid === auth.uid" //only a user with an authenticated uid that matches the uid of the child node will be able to write to their node--no need for a read rules because it is already covered in the parent node
}
},
"Products": {
".read": true,
".write": false //you don't want just anybody to write to this node--probably even better since this wouldn't allow anyone to modify the products is to set it up with an admin access where a specific uid is the only one that has access--such as ".write": "auth.uid === 'dJrGShfgfd2'"
}
}
}
If you want only authenticated users to be able read the products, but not modify the products, then you would want: 如果您只希望经过身份验证的用户能够阅读产品,而不希望修改产品,那么您将希望:
{
"rules": {
"users": {
".read": "auth != null",
"$uid": {
".write": "$uid === auth.uid"
}
},
"Products": {
".read": "auth != null",
".write": false
}
}
}
Finally, if authenticated users can add or modify products, then you would want: 最后,如果经过身份验证的用户可以添加或修改产品,那么您将需要:
{
"rules": {
"users": {
".read": "auth != null",
"$uid": {
".write": "$uid === auth.uid"
}
},
"Products": {
".read": "auth != null",
".write": "auth != null"
}
}
}
解决方案3
0 2018-12-19 19:56:56
Make the rules to be as shown below Make sure that you have chosen REALTIMEDATABASE. 使规则如下所示确保已选择REALTIMEDATABASE。
{
security rules. */
"rules": {
".read": true,
".write": true
}
}
There will be two DATA bases 1) cloud firestore 2) Real Time data Base Choose the real time database and change the rules as the above mentioned one. 将有两个数据库1)云存储2)实时数据库选择实时数据库并按照上述规则更改规则。
The above rule makes it visible to all the people. 上述规则使其对所有人可见。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.