使用Angular限制Firebase中匿名身份验证的权限

时间:2015-02-20 00:20:53

标签: firebase angularfire firebase-security

我正在为Firebase中的匿名身份验证用户的安全规则而苦苦挣扎。我希望用户能够使用匿名身份验证创建,读取,更新和删除自己的项目。当我使用下面的代码时,Firebase会拒绝对数据库的许可:Error: permission_denied: Client doesn't have permission to access the desired data.

即使我使用匿名身份验证,我的Angular代码是否需要首先在Firebase中创建某种用户文件夹?

[编辑:我已经包含了我的路线和一些额外的代码以防万一。]

使用Javascript:

myApp.factory('fbAuth', function($firebaseAuth, $firebase) {
var ref = new Firebase('https://xxxxxxxxxx.firebaseio.com');
var authData = ref.getAuth();

    if (authData) {console.log('Authenticated user with uid:', authData.uid); } else {
    ref.authAnonymously(function (error, authData) {
            if (error) {
                console.log('Login Failed!', error);
            } else {
                console.log('Authenticated successfully with payload:', authData);
            }
        });
    }
     return authData;
    });

myApp.factory('Projects', function($firebase, fbURL) {
return $firebase(new Firebase(fbURL+'/projects')).$asArray();
});

myApp.factory('Selections', function($firebase, fbURL) {
return $firebase(new Firebase(fbURL+'/services')).$asArray();
});

myApp.controller('ProjectListCtrl', function ProjectListCtrl(Projects) {
var projectList = this;
projectList.projects = Projects;

projectList.total = function(){
    var total = 0;
    angular.forEach(projectList.projects, function(project) {
        total += project.type.cost;

    });
    return total;
};

});
myApp.controller('SelectionListCtrl', function (Selections) {
var selectionList = this;
selectionList.selections = Selections;
this.selectedServices = Selections;


});

路线:

myApp.config(function ($stateProvider, $urlRouterProvider) {

$urlRouterProvider.otherwise('/');

$stateProvider
    .state('selection', {
        url: '/',
        views: {
            'list': {
                url: '',
                templateUrl: 'views/list.html',
                controller: 'ProjectListCtrl as projectList',
            }
        },
        'selectionlist': {
            templateUrl: 'views/selectionlist.html',
            controller: 'SelectionListCtrl as selectionList',
        }
    })

安全规则:

{
  "rules": {
  "projects": {
    "$project_id" : {
      "$uid": {
        ".read": "auth != null && auth.uid === $uid",
        ".write": "auth !=null && auth.uid === $uid" }
  }
 },  
  "$other": {".validate": false }
 }
}

Firebase数据结构

Root
  - projects
     + -JiVDL4RUSladYTqqHl6
     + -JiVIdH8QIQ8o8q3iKvf
     + -JiYY44i6AOGzTjPDNVM

0 个答案:

没有答案