Question

有人对这个认证业务有头脑吗？我有护士（用户）和患者，我想在一些患者记录上给予护士许可。

现在（丢弃有关关系数据库的所有知识）我已经在每个患者下放置了权限，其中每个权限都有用户/护士的ID

service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: 
        if get(/databases/$(database)/documents/
          patients/89QL8XXXXFf/
          permissions/KZztXXXXXRf1)!=null;
    }
  }
}

.. ok知道了...

Answer 1

    service cloud.firestore {
      match /databases/{database}/documents{ 
          //define the database variable, use it later as $(database)
        match /patients/{patientId}{
            //define variable patientId, use later as $(patientId)
            allow read, write: 
              // if exists(/databases/$(database)/documents //WORKS
              //    /patients/$(patientId)
              //   /permissions/$(request.auth.uid))
              if get(/databases/$(database)/documents //WORKS
                /patients/$(patientId)
                /permissions/$(request.auth.uid)).data.write == true;
         //you have to get(...).data.myProperty 
    }
    // match /{document=**} {
    //  allow read,write: if false;
    // }
  }  
}

google firestore auth存在规则

1 个答案: