Firestore安全规则失败,因为它们太长了

时间:2018-03-14 21:18:54

标签: firebase google-cloud-firestore firebase-security-rules

看来我的安全规则失败了,因为它们太长了。注释掉的两个规则会导致整个规则集失败,但是当它们单独运行时,它们都会成功运行。我是否有一个限制,我没有意识到?

match /transactions/{transactionId} {

    allow create, update: if
                    isSignedIn() &&
                    validateTransactionSchema() &&

                    // Succeeds when these rules are left out.
                    // These rules succeed on their own, but not when combined with others
                    // (incomingData().categoryId == null || categoryExists(incomingData().categoryId)) &&
                    // (incomingData().payeeId == null || payeeExists(incomingData().payeeId)) &&

                    accountExists(incomingData().accountId) &&
                    isBudgetOwner() &&
                    isPremium();

    function validateTransactionSchema() {
        return incomingData().keys().hasAll(['transactionDate', 'accountId', 'payeeId', 'categoryId', 'splits', 'memo', 'amount', 'cleared', 'locked']) &&
                                incomingData().size() == 9 &&
                                incomingData().transactionDate is timestamp &&
                                incomingData().accountId is string &&
                                (incomingData().payeeId == null || incomingData().payeeId is string) &&
                                (incomingData().categoryId == null || incomingData().categoryId is string) &&
                                incomingData().splits is list &&
                                (incomingData().memo == null || incomingData().memo is string) &&
                                incomingData().amount is number &&
                                incomingData().cleared is bool &&
                                incomingData().locked is bool;
    }
}

function isSignedIn() {
    return request.auth != null;
}

function isPremium() {
    return get(/databases/$(database)/documents/users/$(request.auth.uid)).data.isPremium == true;
}

function isBudgetOwner() {
    return get(/databases/$(database)/documents/budgets/$(budgetId)).data.userId == request.auth.uid;
}

function categoryExists(categoryId) {
    return exists(/databases/$(database)/documents/budgets/$(budgetId)/categories/$(categoryId));
}

function accountExists(accountId) {
    return exists(/databases/$(database)/documents/budgets/$(budgetId)/accounts/$(accountId));
}

function payeeExists(payeeId) {
    return exists(/databases/$(database)/documents/budgets/$(budgetId)/payees/$(payeeId));
}

function incomingData() {
    return request.resource.data;
}

1 个答案:

答案 0 :(得分:1)

Bob Snyder暴露的限制已提高到10。这应该可以帮助您解决问题。 按照:https://firebase.googleblog.com/2018/06/announcing-firestore-security-rules.html

相关问题
最新问题