Question

我有这样的数据库架构：

帖子
- 未经验证的
  - post_1
  - post_2 ...

以下是/ posts / unverified path

中缩短的数据列表

{
  "-L7xmY2HMeEImDZnZqTf" : {
    "categorie" : 0,
    "commonFields" : {...},
    "fbKey" : "-L7YM7vEf8RpcxGUTpDE",
    "images" : [...],
    "specialFields" : {
      "area" : "150",
      "productPrice" : {
        "currency" : "dollar",
        "value" : "65000"
      },
      "requestType" : "sell",
      "requesterType" : "personal",
      "roomCount" : 3,
      "suburbia" : "false"
    },
    "subCat" : 0,
    "timestamp" : 1521011840178,
    "uid" : "Fo5f6VonWgQVpsf6u80TPgoi2it2"
  },
  "-L7YNUZPL1-Dl7EhScEE" : {...},
  "-L7YNUZPL1-fdfasfa" : {...},
  "-L7YNUZPL1-ljljklfd" : {...},
  "-L7YNUZPL1-lkjlkjfas" : {...},
}

firebase安全规则定义如下

{
  "rules": {
    "posts": {
      "unverified": {
        ".indexOn": "timestamp",
        ".read": "data.child('uid').val() === auth.uid"

正如规则所示，如果用户ID等于发布数据中的uid字段，我想阅读未经验证的帖子

但每次我使用规则模拟器（或使用代码测试）时，使用以下配置，它的＆＃39;给出Simulated read denied错误

感谢您的帮助

Answer 1

Your .read rule is defined on /posts/unverified and checks a child called uid. So the total path is /posts/unverified/uid.

You're trying to read /posts/unverified/-L7xmY2HMeEImDZnZqTf. And the UID value is defined on /posts/unverified/-L7xmY2HMeEImDZnZqTf/uid.

The two paths don't match. You need to add a wildcard in your rules:

{
  "rules": {
    "posts": {
      "unverified": {
        ".indexOn": "timestamp",
        "$postid": {
          ".read": "data.child('uid').val() === auth.uid"

Firebase安全规则，数据变量

1 个答案: