search

firebase / flutterfire

🔥 A collection of Firebase plugins for Flutter apps.
https://firebase.google.com/docs/flutter/setup
BSD 3-Clause "New" or "Revised" License
8.69k stars 3.97k forks source link

[cloud_firestore]: Data Dropped On Permission Denied #13138

Open mcmah309 opened 2 months ago

mcmah309 commented 2 months ago

Is there an existing issue for this?

Which plugins are affected?

No response

Which platforms are affected?

No response

Description

We ran into a scenario where a device was offline and the permissions for collection changed. Subsequently, when back online and an attempt to upload the data was made, a

E/flutter (20761): [ERROR:flutter/runtime/dart_vm_initializer.cc(41)] Unhandled Exception: [cloud_firestore/permission-denied] The caller does not have permission to execute the specified operation.

error was received and the data that was never uploaded to firestore was dropped and lost forever. We verified this behavior through local testing.

The expected behavior would be to never remove any local data unless explicitly told to.

Reproducing the issue

Run

  WidgetsFlutterBinding.ensureInitialized();
  await Firebase.initializeApp(
    options: DefaultFirebaseOptions.currentPlatform,
  );
  FirebaseFirestore.instance.settings =
      const Settings(persistenceEnabled: true, cacheSizeBytes: Settings.CACHE_SIZE_UNLIMITED);

  final db = FirebaseFirestore.instance;
  final collection = db.collection("t");
  await db.disableNetwork();
  collection.add({"0": 0});
  await Future.delayed(const Duration(milliseconds: 1000));

Then change the rules to

rules_version = '2';

service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if false;
    }
  }
}

Wait a few moments for the new rules to take effect. Then run the previous code again with await db.disableNetwork(); commented out and change {"0": 0} -> {"1": 0}. You will get the permission denied error.

Then change the rules to:

rules_version = '2';

service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if true;
    }
  }
}

and run the code again but change {"1": 0} -> {"2": 0}

The expect result would be three documents in the "t" collection, with data {"0": 0}, {"1": 0} and {"2": 0}. But when following the above steps, only {"2": 0} actually exists.

Firebase Core version

3.3.0

Flutter Version

3.22.3

Relevant Log Output

No response

Flutter dependencies

Expand Flutter dependencies snippet
```yaml Dart SDK 3.4.4 Flutter SDK 3.22.3 firebase_offline_test 1.0.0+1 dependencies: - cloud_firestore 5.2.0 [cloud_firestore_platform_interface cloud_firestore_web collection firebase_core firebase_core_platform_interface flutter meta] - firebase_core 3.3.0 [firebase_core_platform_interface firebase_core_web flutter meta] - flutter 0.0.0 [characters collection material_color_utilities meta vector_math sky_engine] dev dependencies: - flutter_lints 3.0.2 [lints] - flutter_test 0.0.0 [flutter test_api matcher path fake_async clock stack_trace vector_math leak_tracker_flutter_testing async boolean_selector characters collection leak_tracker leak_tracker_testing material_color_utilities meta source_span stream_channel string_scanner term_glyph vm_service] transitive dependencies: - _flutterfire_internals 1.3.40 [collection firebase_core firebase_core_platform_interface flutter meta] - async 2.11.0 [collection meta] - boolean_selector 2.1.1 [source_span string_scanner] - characters 1.3.0 - clock 1.1.1 - cloud_firestore_platform_interface 6.3.0 [_flutterfire_internals collection firebase_core flutter meta plugin_platform_interface] - cloud_firestore_web 4.1.0 [_flutterfire_internals cloud_firestore_platform_interface collection firebase_core firebase_core_web flutter flutter_web_plugins] - collection 1.18.0 - fake_async 1.3.1 [clock collection] - firebase_core_platform_interface 5.2.0 [collection flutter flutter_test meta plugin_platform_interface] - firebase_core_web 2.17.4 [firebase_core_platform_interface flutter flutter_web_plugins meta web] - flutter_web_plugins 0.0.0 [flutter characters collection material_color_utilities meta vector_math] - leak_tracker 10.0.4 [clock collection meta path vm_service] - leak_tracker_flutter_testing 3.0.3 [flutter leak_tracker leak_tracker_testing matcher meta] - leak_tracker_testing 3.0.1 [leak_tracker matcher meta] - lints 3.0.0 - matcher 0.12.16+1 [async meta stack_trace term_glyph test_api] - material_color_utilities 0.8.0 [collection] - meta 1.12.0 - path 1.9.0 - plugin_platform_interface 2.1.8 [meta] - sky_engine 0.0.99 - source_span 1.10.0 [collection path term_glyph] - stack_trace 1.11.1 [path] - stream_channel 2.1.2 [async] - string_scanner 1.2.0 [source_span] - term_glyph 1.2.1 - test_api 0.7.0 [async boolean_selector collection meta source_span stack_trace stream_channel string_scanner term_glyph] - vector_math 2.1.4 - vm_service 14.2.1 - web 0.5.1 ```

Additional context and comments

No response

Ehesp commented 2 months ago

Hello, what platform did you experience this on?

mcmah309 commented 2 months ago

The problem occurred on Android and the "Reproducing the issue" steps were tested on Android. But this may be a problem on other platforms as well.

Lyokone commented 2 months ago

Thanks for reporting, it looks like a native issue, I'll ask and report back here.

Arumankumang commented 1 month ago

WidgetsFlutterBinding.ensureInitialized(); await Firebase.initializeApp( options: DefaultFirebaseOptions.currentPlatform, ); FirebaseFirestore.instance.settings = const Settings(persistenceEnabled: true, cacheSizeBytes: Settings.CACHE_SIZE_UNLIMITED);

final db = FirebaseFirestore.instance; final collection = db.collection("t"); await db.disableNetwork(); collection.add({"0": 0}); await Future.delayed(const Duration(milliseconds: 1000));