我有我的数据,如老师和几个有付款选项的学生。
我想在数据下面构建。
在firebase中使用安全规则寻找输入/帮助来构造上述dB。
更新 使用以下示例DB来测试Bradley的答案。
{
"invoices" : {
"stid1" : {
"studentID" : "9EtsXHveIyaEkkLLk5hpo6vCtVx1"
}
},
"students" : {
"3d2HnQUxAbgaOqWBEqfDuhkhkj63" : {
"name" : "s2"
},
"9EtsXHveIyaEkkLLk5hpo6vCtVx1" : {
"name" : "s1"
}
},
"teachers" : {
"aiBunX1rZceD2lRslEmCrFHS2XF3" : {
"name" : "s1"
}
}
}
答案 0 :(得分:1)
以下数据库规则:
{
"rules": {
// teachers profiles stored under this node
// teachers can read and write under their own node
"teachers": {
"$teacherID": {
".read": "auth != null && auth.uid == $teacherID",
".write": "auth != null && auth.uid == $teacherID"
}
},
// teachers can r/w student profiles, and the students can also r/w their own profile
"students": {
"$studentID": {
".read": "auth != null && (root.child('teachers').child(auth.uid).exists() || auth.uid == $studentID)",
".write": "auth != null && (root.child('teachers').child(auth.uid).exists() || auth.uid == $studentID)"
}
},
"invoices": {
"$invoiceID": {
// assuming each invoice has the student ID located at /$invoiceID/studentID
// students can read, teachers can r/w
".read" : "auth != null && (root.child('invoices').child($invoiceID).child('studentID').val() == auth.uid || root.child('teachers').child(auth.uid).exists())",
".write": "auth != null && root.child('teachers').child(auth.uid).exists()"
}
}
}
}
适用于以下数据库:
{
"teachers" : {
"aiBunX1rZceD2lRslEmCrFHS2XF3" : {
"name" : "s1"
}
},
"students" : {
"3d2HnQUxAbgaOqWBEqfDuhkhkj63" : {
"name" : "s2"
},
"9EtsXHveIyaEkkLLk5hpo6vCtVx1" : {
"name" : "s1"
}
},
"invoice" : {
"stid1" : {
"9EtsXHveIyaEkkLLk5hpo6vCtVx1" : {
"ispaid" : false
},
"studentID" : "9EtsXHveIyaEkkLLk5hpo6vCtVx1"
}
}
}