在我的应用程序中使用angularFire $ authWithPassword方法时,我收到来自firebase的Permission_Denied。我对Firebase安全规则非常陌生,错误在于我如何设置它们(因为它在全局读取和写入时都能正常工作)。我试图做的是禁止用户删除我的架构的主要集合,但允许他们使用CRUD子项。
所以我有礼物,活动,人和用户。我的规则看起来像这样:
{
"rules": {
".read": true,
"events": {
"$id": {
".write": true
}
},
"gifts": {
"$id": {
".write": true
}
},
"person": {
".indexOn": "created_by",
"$id": {
".write": true
}
},
"user": {
"$id": {
".write": true
}
}
}
}
正如我所说,使用默认规则时没有问题:
{
"rules": {
".read": true,
".write": true,
"person": {
".indexOn": "created_by"
}
}
}
我做错了什么?
编辑: 它不是执行写操作的$ authWithPassword,而是创建用户的$ createUser,然后是。然后我正在创建一个' CreateProfile'使用ref.set将属性更新为/ users / uid的函数。
$scope.createAccount = function(email, pass, name, confirm) {
loaderSvc.toggleOn('Creating account...');
$scope.err = null;
if( !pass ) {
$scope.err = 'Please enter a password';
}
else if ( !name ) {
$scope.err = 'Please enter a display name';
}
else if( pass !== confirm ) {
$scope.err = 'Passwords do not match';
}
else {
Auth.$createUser({email: email, password: pass})
.then(function () {
// authenticate so we have permission to write to Firebase
return Auth.$authWithPassword({email: email, password: pass}, {rememberMe: true});
})
.then(createProfile)
.then(redirect, showError);
}
function createProfile(user) {
var ref = Ref.child('users/' + user.uid), def = $q.defer();
ref.set({email: email, name: name}, function(err) {
$timeout(function() {
if( err ) {
def.reject(err);
}
else {
sendWelcomeEmail(email, name);
toastr.success('Account created');
Analytics.trackEvent('profile', 'account created', user.uid);
def.resolve(ref);
}
});
});
return def.promise;
}
};