如果用户没有发送,我可以创建日期属性吗?

时间:2015-12-14 12:17:40

标签: firebase firebase-security firebase-realtime-database

我使用Firebase Bolt编译器创建了规则。

// ####### Root

path / {
  read() = true;
  write() = false;
}

// ######## USERS PHOTOS
// Allow anyone to read the list of Photos.
path /users_photos {
  read() = true;
}

// All individual Photos are writable by anyone.
path /users_photos/$id is Photos {
  write() = isSignedIn();
}

type Photos {
  image: String,
  user_id: String,
  removed: Boolean,
  dt_created: InitialTimestamp,
  dt_updated: CurrentTimestamp
}


type CurrentTimestamp extends Number {
    validate() = this == now;
}

type InitialTimestamp extends Number {
  validate() = initial(this, now);
}


//
// Helper Functions
//
isSignedIn() = auth != null;
// Returns true if the value is intialized to init, or retains it's prior
// value, otherwise.
initial(value, init) = value == (prior(value) == null ? init : prior(value));

参考:https://github.com/firebase/bolt/blob/master/docs/guide.md

我的剧本:

/*Upload*/
VigiApp.controller('UploadController', ['$scope', 'Upload', '$timeout', 'FirebaseURL', function ($scope, Upload, $timeout, FirebaseURL) {
    // upload on file select or drop
    $scope.upload = function (file, id) {
        $('.page-spinner-bar').removeClass('ng-hide hide').addClass('ng-show show');

        id = typeof id !== 'undefined' ? id : null;
        Upload.base64DataUrl(file).then(function(base64){
            //auth
            var fbAuth = FirebaseURL.getAuth();
            //Ref
            var usersPhotosRef = FirebaseURL.child("users_photos");
            usersPhotosRef.push({'image': base64,'removed': true, 'user_id': fbAuth.uid}, function(error){
                if (error) {
                    alert('Error: Something went wrong when creating your post please try again');
                } else {
                  var newID = usersPhotosRef.key();
                  if(id !== null){
                      $('#'+id).css("background-image", "url('"+base64+"')");
                      $('#'+id).css("background-size", "100% 100%");
                  }
                }   

                $('.page-spinner-bar').removeClass('ng-show show').addClass('ng-hide hide');
            });
        });
    }     
}]);

编译...... 

>firebase-bolt mmgv-vigiapp.bolt -o rules.json
bolt: Generating rules.json...

并部署...... 

>firebase deploy:rules

=== Deploying to 'vivid-heat-2144'...

i  deploying rules

+  Deploy complete!

Dashboard: https://vivid-heat-2144.firebaseio.com

但我收到了错误:

FIREBASE WARNING: set at /users_photos/-K5VL1m04oF8s2xp8oTf failed: permission_denied

创建的规则:

{
  "rules": {
    ".read": "true",
    "users_photos": {
      ".read": "true",
      "$id": {
        ".validate": "newData.hasChildren(['image', 'user_id', 'removed', 'dt_created', 'dt_updated'])",
        "image": {
          ".validate": "newData.isString()"
        },
        "user_id": {
          ".validate": "newData.isString()"
        },
        "removed": {
          ".validate": "newData.isBoolean()"
        },
        "dt_created": {
          ".validate": "newData.isNumber() && newData.val() == (data.val() == null ? now : data.val())"
        },
        "dt_updated": {
          ".validate": "newData.isNumber() && newData.val() == now"
        },
        "$other": {
          ".validate": "false"
        },
        ".write": "auth != null"
      }
    }
  }
}

当我删除日期时,它可以正常工作。

...
type Photos {
  image: String,
  user_id: String,
  removed: Boolean,
}
...

如何生成创建日期和更新? 我的错在哪里,拜托?

1 个答案:

答案 0 :(得分:2)

添加照片时,您会传递以下信息:

usersPhotosRef.push({'image': base64,'removed': true, 'user_id': fbAuth.uid}

您的安全规则需要以下属性:

".validate": "newData.hasChildren(['image', 'user_id', 'removed', 'dt_created', 'dt_updated'])",

没有魔法"默认值"对于dt_createddt_updated,您需要从应用程序代码中传递这些内容:

usersPhotosRef.push({
  'image': base64,
  'removed': true, 
  'user_id': fbAuth.uid,
  'dt_created': Firebase.ServerValue.TIMESTAMP,
  'dt_updated': Firebase.ServerValue.TIMESTAMP
}

由于此代码段正在添加新记录,因此dt_createddt_updated设置为相同的值。更新记录时,您只想设置dt_updated

相关问题
最新问题