Firebase规则无法正常运行

时间:2017-03-03 12:59:49

标签: ios firebase firebase-realtime-database firebase-security

这是我的火力架结构:

-posts
 -public
  -countryCode
   -US
    -KeJ9qrPZYWD-b0AdQ3I
     -timestamp:1488544558698
     -postAuthor:TT4l2xyIOFRXI3RZINffcSFs67O2
    -KeAVVwWQ-OuwyMRycI4
     -timestamp:1488544595373
     -postAuthor:TT4l2xyIOFRXI3RZINffcSFs67O2
-users
 -TT4l2xyIOFRXI3RZINffcSFs67O2

我希望允许用户阅读过去24小时的帖子,或者如果用户是帖子的作者,那么没有限制,所以我制定了这样的firebase规则:

{
  "rules": {
    "users": {
      "$uid": {
        ".read": "$uid === auth.uid",
        ".write": "$uid === auth.uid"
      }
    },
    "posts":{
      ".write" : "auth != null",
      "public":{
        "countryCode":{
         "$countryCode_id":{
           "$post" :{
            ".read" : data.child('postAuthor').val() === auth.uid || data.child('timestamp').val() > (now - 86400000)
          }  
      }
  }
 }
}  
  }
} 

但它没有用,我可以写新的,但即使帖子是在指定的时间或当前作者发布的,也无法读取任何内容,有什么不对?

编辑: 好的,所以我发现规则的规则:"规则不是过滤器"它会使我的想法变得微不足道,因为我需要读取访问我的帖子的父母,但如果我将其标记为已读,无论作者或时间是什么,我的帖子都会被阅读,原因是级联 - 太令人沮丧:(,所以现在我需要弄清楚如何做到这一点。我的第一个想法是创建所有帖子的另一条路径,并从那里获取所有帖子,其中所有帖子将标记为已读:true然后使用observesingleevent(.value)获取每个帖子的密钥,并用它直接观察另一个分支上的当前帖子,我可以设置我的读写权限,我认为好吗?

1 个答案:

答案 0 :(得分:0)

如果没有看到提出问题的代码,就很难确定。但是,您很可能尝试从没有读取权限的级别进行阅读。 E.g:

c.Resolve<IBus>().CreatePublishRequestClient<IToDoMessage, IToDoMessageResponse>(TimeSpan.FromSeconds(5));

此查询将失败,因为用户对public static function ipsum($nparagraphs, $wrapper = 'p') { $paragraphs = []; for ($p = 0; $p < $nparagraphs; ++$p) { $nsentences = mt_rand(3, 8); $sentences = []; for ($s = 0; $s < $nsentences; ++$s) { $frags = []; $commaChance = .33; while (true) { $nwords = mt_rand(3, 15); $words = self::random_values(self::$lorem, $nwords); $frags[] = implode(' ', $words); if (self::random_float() >= $commaChance) { break; } $commaChance /= 2; } $sentences[] = ucfirst(implode(', ', $frags)) . '.'; } $paragraphs[] = '<' . $wrapper . '>' . implode(' ', $sentences) . '</' . $wrapper . '>'; } return implode($paragraphs); } private static function random_float() { return mt_rand(0, PHP_INT_MAX - 1) / PHP_INT_MAX; } private static function random_values($arr, $count) { $keys = array_rand($arr, $count); if ($count == 1) { $keys = [$keys]; } return array_intersect_key($arr, array_fill_keys($keys, null)); } private static $lorem = [ 0 => 'lorem', 1 => 'ipsum', 2 => 'dolor', 3 => 'sit', 4 => 'amet', 5 => 'consectetur', 6 => 'adipiscing', 7 => 'elit', 8 => 'praesent', 9 => 'interdum', 10 => 'dictum', 11 => 'mi', 12 => 'non', 13 => 'egestas', 14 => 'nulla', 15 => 'in', 16 => 'lacus', 17 => 'sed', 18 => 'sapien', 19 => 'placerat', 20 => 'malesuada', 21 => 'at', 22 => 'erat', 23 => 'etiam', 24 => 'id', 25 => 'velit', 26 => 'finibus', 27 => 'viverra', 28 => 'maecenas', 29 => 'mattis', 30 => 'volutpat', 31 => 'justo', 32 => 'vitae', 33 => 'vestibulum', 34 => 'metus', 35 => 'lobortis', 36 => 'mauris', 37 => 'luctus', 38 => 'leo', 39 => 'feugiat', 40 => 'nibh', 41 => 'tincidunt', 42 => 'a', 43 => 'integer', 44 => 'facilisis', 45 => 'lacinia', 46 => 'ligula', 47 => 'ac', 48 => 'suspendisse', 49 => 'eleifend', 50 => 'nunc', 51 => 'nec', 52 => 'pulvinar', 53 => 'quisque', 54 => 'ut', 55 => 'semper', 56 => 'auctor', 57 => 'tortor', 58 => 'mollis', 59 => 'est', 60 => 'tempor', 61 => 'scelerisque', 62 => 'venenatis', 63 => 'quis', 64 => 'ultrices', 65 => 'tellus', 66 => 'nisi', 67 => 'phasellus', 68 => 'aliquam', 69 => 'molestie', 70 => 'purus', 71 => 'convallis', 72 => 'cursus', 73 => 'ex', 74 => 'massa', 75 => 'fusce', 76 => 'felis', 77 => 'fringilla', 78 => 'faucibus', 79 => 'varius', 80 => 'ante', 81 => 'primis', 82 => 'orci', 83 => 'et', 84 => 'posuere', 85 => 'cubilia', 86 => 'curae', 87 => 'proin', 88 => 'ultricies', 89 => 'hendrerit', 90 => 'ornare', 91 => 'augue', 92 => 'pharetra', 93 => 'dapibus', 94 => 'nullam', 95 => 'sollicitudin', 96 => 'euismod', 97 => 'eget', 98 => 'pretium', 99 => 'vulputate', 100 => 'urna', 101 => 'arcu', 102 => 'porttitor', 103 => 'quam', 104 => 'condimentum', 105 => 'consequat', 106 => 'tempus', 107 => 'hac', 108 => 'habitasse', 109 => 'platea', 110 => 'dictumst', 111 => 'sagittis', 112 => 'gravida', 113 => 'eu', 114 => 'commodo', 115 => 'dui', 116 => 'lectus', 117 => 'vivamus', 118 => 'libero', 119 => 'vel', 120 => 'maximus', 121 => 'pellentesque', 122 => 'efficitur', 123 => 'class', 124 => 'aptent', 125 => 'taciti', 126 => 'sociosqu', 127 => 'ad', 128 => 'litora', 129 => 'torquent', 130 => 'per', 131 => 'conubia', 132 => 'nostra', 133 => 'inceptos', 134 => 'himenaeos', 135 => 'fermentum', 136 => 'turpis', 137 => 'donec', 138 => 'magna', 139 => 'porta', 140 => 'enim', 141 => 'curabitur', 142 => 'odio', 143 => 'rhoncus', 144 => 'blandit', 145 => 'potenti', 146 => 'sodales', 147 => 'accumsan', 148 => 'congue', 149 => 'neque', 150 => 'duis', 151 => 'bibendum', 152 => 'laoreet', 153 => 'elementum', 154 => 'suscipit', 155 => 'diam', 156 => 'vehicula', 157 => 'eros', 158 => 'nam', 159 => 'imperdiet', 160 => 'sem', 161 => 'ullamcorper', 162 => 'dignissim', 163 => 'risus', 164 => 'aliquet', 165 => 'habitant', 166 => 'morbi', 167 => 'tristique', 168 => 'senectus', 169 => 'netus', 170 => 'fames', 171 => 'nisl', 172 => 'iaculis', 173 => 'cras', 174 => 'aenean', ]; 没有读取权限。与您的想法相反,Firebase查询不能用于过滤数据。这在Firebase上下文中已知为&#34;规则不是过滤器&#34;我建议退房: