Firestore DB的安全规则

时间:2018-04-17 17:40:17

标签: firebase google-cloud-firestore

我试图只允许用户编写ID等于其电子邮件地址的文档。我似乎无法使这条规则起作用。我哪里错了?用户已通过身份验证,并在用户的帐户中设置了电子邮件地址。

规则:

service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow write: if request.auth.email == request.resource.id;
    }
  }
}

呼叫:

firestore
    .collection('my-document')
    .doc(this.$firebase.auth().currentUser.email)
    .set({
      body: JSON.stringify(object),
      email: this.$firebase.auth().currentUser.email,
      submitted: new Date()
    })
    .then(function (docRef) {
      console.log('Successfully Written to DB.')
    })
    .catch(function (error) {
      that.isSubmitting = false
      console.error('Error adding document: ', error)
    })

错误:

Error adding document:  Error: Missing or insufficient permissions.
    at new FirestoreError (error.js?6b3a:140)
    at eval (webchannel_connection.js?80bc:250)
    at W.eval (webchannel_connection.js?80bc:195)
    at Ab (index.js?0dfd:23)
    at W.g.dispatchEvent (index.js?0dfd:21)
    at Re.Ca (index.js?0dfd:98)
    at ye.g.Oa (index.js?0dfd:86)
    at dd (index.js?0dfd:42)
    at ed (index.js?0dfd:39)
    at ad (index.js?0dfd:37)

1 个答案:

答案 0 :(得分:0)

事实证明,配置文件详细信息包含在令牌对象中,可以按如下方式访问:

request.auth.token.email