morganchen12
commented
6 years ago @mcdonamp can you update the security rules?
Open ghost opened 6 years ago
morganchen12
commented
6 years ago @mcdonamp can you update the security rules?
asciimike
commented
6 years ago https://github.com/firebase/geofire-js/commit/6c658461ca07f76254d5f87341caf56ed3d552c9 should do it.
We should probably update JS and Android to no longer use priority as well.
asciimike
commented
6 years ago Rolling back that change since it causes the build to break. We'll need to update JS and Android before we do that. In the mean time, feel free to use Rules like in the commit.
ghost
commented
6 years ago I am getting the following errors when trying to save the modified security rules (line numbers are a bit off, by they refer to the two lines changed in the commit mentioned by @mcdonamp .
Error saving rules – Line 18: No such method/property 'g'.; Line 22: No such method/property 'g'.
ghost
commented
6 years ago The rules in my comment in https://github.com/firebase/geofire-js/commit/15238ae198dfad42d4329e7646d2710c335030fc seem to work for me. Maybe they can do the job?
ghost
commented
6 years ago @ghowen thx for the solution
The security rules in https://github.com/firebase/geofire-js/blob/master/examples/securityRules/rules.json uses
getPriority()to validate a location on write.By removing priority in https://github.com/firebase/geofire-objc/commit/96f40431d0d0fe3aac66bc0302da6c9cf3ab2f58, the rules now return a "permission denied" on writing a location as the validation of
getPriorityfails.Also a version bump would have been nice for this as this would have helped troubleshooting ;)