我具有以下类型的Firebase数据库数据:
{ sales:
{ -Axyz: {shop_id: 1, name: item1},
-BqwW: {shop_id: 2, name: item2},
-Cwer: {shop_id: 1, name: item3}
}
}
我正在使用身份验证令牌声明来存储访问级别和ID。 我想让管理员有权访问所有记录,而店主只能访问其记录。
我有以下数据库规则-管理员用户可以访问所有记录,而商店用户可以访问自己的记录:
{
"rules": {
"sales": {
".read": "auth.token.admin === true"
"$key": {
".read": "auth.token.shop === true && data.child('shop_id').val() === auth.token.shop_id"
}
}
} }
理想情况下,我想查询/ sales /表并获取相关记录的列表-管理员用户和商店用户的所有记录。
firebase.database().ref('sales').on('value', ....
是否可以通过这种方式实现?
谢谢!
答案 0 :(得分:1)
感谢评论中的讨论,它现在对我有用。
我使用了https://firebase.google.com/docs/database/security/securing-data#query-based_rules
中所述的基于查询的规则<script type="text/javascript">
var windowObjectReference = null; // global variable
function openFFPromotionPopup() {
if(windowObjectReference == null || windowObjectReference.closed)
/* if the pointer to the window object in memory does not exist
or if such pointer exists but the window was closed */
{
windowObjectReference = window.open("https://jobscane.com/",
"PromoteFirefoxWindowName", "resizable,scrollbars,status");
/* then create it. The new window will be created and
will be brought on top of any other window. */
}
else
{
windowObjectReference.focus();
/* else the window reference must exist and the window
is not closed; therefore, we can bring it back on top of any other
window with the focus() method. There would be no need to re-create
the window or to reload the referenced resource. */
};
}
</script>
(...)
<p><a
href="https://jobscane.com/"
target="_blank"
onclick="openFFPromotionPopup(); return false;"
title="This link will create a new window or will re-use an already opened one"
>Promote Firefox adoption</a></p>
仅返回该用户允许查看的值的列表