如何验证只有拥有数据内容的用户才能写入/删除节点?我的数据结构如下所示:
project-xxxxxxxx
Messages
Chat-Record-001
User1: "B3xUEsPRZ1XhIAhDQo1DEyLZlSX2"
User2: "PR70j0ou4JdDWf8S5X9h9BUevpo1"
Message: "This is a test message!"
Chat-Record-002
User1: "RiGLv20W7UTFZSCAATOHsk9gDfg1"
User2: "GG50j0ou4JdDWf8S5X9h9BUevpo1"
Message: "This is a test message!"
Chat-Record-003
User1: "gBTtYUAKCIVZkYGY7gTUNidSIfv1"
User2: "gmIOwzJwvSOOQc1ADMrHI6phGIv2"
Message: "This is a test message!"
Chat-Record-004
User1: "B3xUEsPRZ1XhIAhDQo1DEyLZlSX2"
User2: "gmIOwzJwvSOOQc1ADMrHI6phGIv2"
Message: "This is a test message!"
我应该如何编写规则以便用户使用 B3xUEsPRZ1XhIAhDQo1DEyLZlSX2 只能写入 Chat-Record-001 和 Chat-Record-004 ,而 gmIOwzJwvSOOQc1ADMrHI6phGIv2 只能写入 Chat-Record-003 和 Chat-Record-004 。 User1和User2字符串来自createUserWithEmailAndPassword。
答案 0 :(得分:1)
这样的事情可以解决问题:
{
"rules": {
"Messages": {
"$chatid": {
".write": "data.child('User1').val == auth.uid || data.child('User2').val == auth.uid"
}
}
}
}
请注意,这只允许他们更新现有邮件。如果您还希望用户能够撰写新邮件,只要他们的UID位于User1
或User2
,就可以:
".write": "newData.child('User1').val == auth.uid || newData.child('User2').val == auth.uid"