考虑用户的以下firebase数据库规则。我想知道是否有办法编写一个可以逐个删除孩子(朋友)的规则,但不能一次删除所有规则?
这里简单的删除操作不起作用,因为朋友需要空或者有孩子。但是,它可以更新为任何其他孩子,这意味着所有孩子都可以一次被覆盖。
"user":
{
"$uid":
{
/* user can read all user data */
".read": "$uid == auth.uid",
/* allow to add to friends but not delete */
".write": "$uid == auth.uid && (!data.child('friends').exists() || newData.child('friends').hasChildren())",
/* other user data also needs to be writable */
"name": {},
/* only explicit user data is allowed */
"$other": { ".validate": false },
"friends":
{
"$friend_uid": { ".validate": "root.child('user').child($friend_uid).exists()" },
},
}
}
答案 0 :(得分:0)
根据firebase策略,.write策略由子进程继承,因此解决方案是为每个子进行.write规则。
"user":
{
"$uid":
{
/* user can read all user data */
".read": "$uid == auth.uid",
/* no writing at this level */
/* ".write": false, */
/* user data is still writable */
"name": { ".write":"$uid == auth.uid" },
/* no longer necessary */
/*"$other": { ".validate": false },*/
"friends":
{
"$friend_uid": { ".write":"$uid == auth.uid" },
},
}
}