Firebase firestore安全规则访问路径参数

时间:2018-05-27 05:30:23

标签: javascript firebase google-cloud-firestore firebase-security-rules

考虑这条安全规则

service cloud.firestore {
  match /databases/{database}/documents {
    match /notifications/{user} {
      allow read, write: if request.auth.uid != null;
    }
    match /items/{item} {
      allow read: if true;
      allow write: if false
    }
  }
}

我想访问参数{item}的值。有没有办法做到这一点?对于云函数,它将类似于“context.params.item”。我需要类似于firestore安全规则的东西。

2 个答案:

答案 0 :(得分:1)

根据documentation,该参数存储在resource.data变量:

service cloud.firestore {
  match /databases/{database}/documents {
    match /notifications/{user} {
      allow read, write: if request.auth.uid != null;
    }
    match /items/{item} {
      allow read: if resource.data != null;
      allow write: if false
    }
  }
}

答案 1 :(得分:0)

Writing conditions for Cloud Firestore Security Rules 

service cloud.firestore {
  match /databases/{database}/documents {
    // Make sure the uid of the requesting user matches name of the user
    // document. The wildcard expression {userId} makes the userId variable
    // available in rules.
    match /users/{userId} {
      allow read, update, delete: if request.auth != null && request.auth.uid == userId;
      allow create: if request.auth != null;
    }
  }
}

正如评论所解释的,在您的情况下,由于包含{item},因此只需在规则中使用 item

相关问题
最新问题