我刚开始使用Firebase。
我正在使用其中一个quickstart-js模板。
我正在尝试添加.read安全规则,以便用户只能阅读创建的帖子。
如果我针对auth.id进行测试但是如果我针对auth.uid进行测试(我明白auth.uid是正确的),则规则正在传递,我感到有点困惑。
在模拟器中,此规则失败:
{
"rules": {
// ".read": "auth != null",
".write": "auth != null",
"posts": {
"$post": {
".read": "data.child('uid').val() === auth.uid",
}
}
}
}
这是数据库结构:
{
"posts" : {
"-KL6ecPO67H5B8SmPHJr" : {
"body" : "Just testing out the firebase system.",
"starCount" : 0,
"title" : "Camp Se has it's first blog post",
"uid" : "vaZrC0sSdYTiou587IuePVw9uRT2"
},
"-KL6fUBOhsc4zosJbwjb" : {
"body" : "Another post ja ja ja\n",
"starCount" : 0,
"title" : "Another post",
"uid" : "vaZrC0sSdYTiou587IuePVw9uRT2"
}
},
"user-posts" : {
"vaZrC0sSdYTiou587IuePVw9uRT2" : {
"-KL6ecPO67H5B8SmPHJr" : {
"body" : "Just testing out the firebase system.",
"starCount" : 0,
"title" : "Camp Se has it's first blog post",
"uid" : "vaZrC0sSdYTiou587IuePVw9uRT2"
},
"-KL6fUBOhsc4zosJbwjb" : {
"body" : "Another post ja ja ja\n",
"starCount" : 0,
"title" : "Another post",
"uid" : "vaZrC0sSdYTiou587IuePVw9uRT2"
}
}
},
"users" : {
"vaZrC0sSdYTiou587IuePVw9uRT2" : {
"email" : "user@gmail.com"
}
}
}
模拟结果详情:
Simulation results
Type read
Location /posts/KL6ecPO67H5B8SmPHJr/
Data null
Auth { "provider": "google", "uid": "vaZrC0sSdYTiou587IuePVw9uRT2" }
Admin false
edit Read denied
close
Line 7 (/posts/KL6ecPO67H5B8SmPHJr)
read: "data.child('uid').val() === auth.uid"
答案 0 :(得分:2)
我的模拟器“位置”字段中出错了。当我从数据库复制帖子ID时,我错过了前面的-字符。
我解决了这个问题并且规则有效: - )