Firebase规则,如何允许用户仅查看自己的数据

时间:2019-05-02 18:54:52

标签: firebase firebase-realtime-database firebase-security-rules

我正在尝试制定一个允许用户查看自己的数据的规则集...

我当前的规则集是:

{
  "rules": {
    ".read": "root.child('users').child(auth.uid).child('admin').val() === true",
    ".write": "root.child('users').child(auth.uid).child('admin').val() === true",
    "users": {
      ".indexOn": ["active"],
      "$user_id": {
        ".read": "$user_id === auth.uid",
        ".write": "$user_id === auth.uid"
      }
    },
    "active_alerts": {
      ".indexOn": "alert_id"
    },
    "trips": {
      ".indexOn": "archive",
      "$trip_id": {
            ".read": "data.child('who_called').child('key').val() === root.child('users').child(auth.uid).child('customer').child('key').val()",
        "notes": {
          "$note_id": {
            ".read": "data.child('display').val() === true"
          }
        }
      }
    }
  }
}

user路径中的数据如下所示:

{
  "active" : true,
  "admin" : false,
  "customer" : {
    "key" : "-Ldsu71CgIJxh1DVTTCP",
    "name" : "Demo Customer"
  },
  "email" : "emai@email.com",
  "last_login" : "2019-05-02T18:34:26.466Z",
  "name" : "Demo",
  "primary_phone" : "4197460180",
  "typeahead" : "demo"
}

/trips中的匹配项:

{
  "airline" : {
    "key" : "195",
    "name" : "AAL"
  },
  "archive" : false,
  "arrival_airport" : {
    "code" : "PHL",
    "icao" : "KPHL",
    "key" : "108",
    "name" : "Philadelphia",
    "timezone" : "America/New_York"
  },
  "bill_to" : {
    "key" : "-LdqFpqAOm-dOl9xBtp2",
    "name" : "AGT Global Logistics "
  },
  "consignee" : {
    "key" : "-LdqHNMzPrP9epp_W-DS",
    "name" : "Exelon Peach Bottom"
  },
  "customer_reference" : "124914",
  "departure_airport" : {
    "code" : "MKE",
    "icao" : "KMKE",
    "key" : "90",
    "name" : "Milwaukee",
    "timezone" : "America/Chicago"
  },
  "last_update" : "2019-05-02T18:02:57.274Z",
  "level" : {
    "key" : "-LWlODaCFUcejExn41Rr",
    "name" : "Next Flight Out"
  },
  "milestones" : [ {
    "airport" : {
      "code" : "MKE",
      "icao" : "KMKE",
      "key" : "90",
      "name" : "Milwaukee",
      "timezone" : "America/Chicago"
    },
    "flight_time" : "2019-05-02T12:33:00.000Z",
    "status" : {
      "key" : "4",
      "name" : "completed"
    },
    "type" : {
      "key" : "0",
      "name" : "Picked up"
    }
  }, {
    "airport" : {
      "code" : "MKE",
      "icao" : "KMKE",
      "key" : "90",
      "name" : "Milwaukee",
      "timezone" : "America/Chicago"
    },
    "flight_time" : "2019-05-02T13:51:00.000Z",
    "status" : {
      "key" : "4",
      "name" : "completed"
    },
    "type" : {
      "key" : "1",
      "name" : "Dropped to departure airport"
    }
  }, {
    "airline" : {
      "key" : "195",
      "name" : "AAL"
    },
    "airport" : {
      "code" : "MKE",
      "icao" : "KMKE",
      "key" : "90",
      "name" : "Milwaukee",
      "timezone" : "America/Chicago"
    },
    "alert_id" : 29624287,
    "flight_number" : "4883",
    "flight_time" : "2019-05-02T16:28:03.000Z",
    "ident" : "PDT4883-1556601968-airline-0144",
    "img_url" : "....",
    "note" : "arrival ~ PDT4883 arrived at PHL from MKE",
    "status" : {
      "key" : "4",
      "name" : "completed"
    },
    "type" : {
      "key" : "2",
      "name" : "Departed Airport"
    }
  }, {
    "airline" : {
      "key" : "195",
      "name" : "AAL"
    },
    "airport" : {
      "code" : "PHL",
      "icao" : "KPHL",
      "key" : "108",
      "name" : "Philadelphia",
      "timezone" : "America/New_York"
    },
    "alert_id" : 29624287,
    "flight_number" : "4883",
    "flight_time" : "2019-05-02T18:02:00.000Z",
    "note" : "arrival ~ PDT4883 arrived at PHL from MKE",
    "status" : {
      "key" : "4",
      "name" : "completed"
    },
    "type" : {
      "key" : "4",
      "name" : "Arrived Airport"
    }
  }, {
    "airport" : {
      "code" : "PHL",
      "icao" : "KPHL",
      "key" : "108",
      "name" : "Philadelphia",
      "timezone" : "America/New_York"
    },
    "flight_time" : "2019-05-02T20:00:00.000Z",
    "status" : {
      "key" : 0,
      "name" : "planned"
    },
    "type" : {
      "key" : "6",
      "name" : "Out for delivery"
    }
  }, {
    "airport" : {
      "code" : "PHL",
      "icao" : "KPHL",
      "key" : "108",
      "name" : "Philadelphia",
      "timezone" : "America/New_York"
    },
    "flight_time" : "2019-05-02T21:30:00.000Z",
    "status" : {
      "key" : 0,
      "name" : "planned"
    },
    "type" : {
      "key" : "7",
      "name" : "Delivered"
    }
  } ],
  "pieces" : [ {
    "description" : "Valves",
    "height" : "11",
    "length" : "27",
    "qty" : "1",
    "units" : {
      "key" : "2",
      "name" : "IN"
    },
    "weight" : "50",
    "weight_units" : {
      "key" : "3",
      "name" : "LBS"
    },
    "width" : "19"
  } ],
  "protect_time" : "2019-05-02T21:30:00.000Z",
  "ready_time" : "2019-05-02T13:00:00.000Z",
  "shipper" : {
    "key" : "-LdqG3I48m662R7ABa5i",
    "name" : "FAIRBANKS MORSE - MKE"
  },
  "trip_id" : "LFC-155676269",
  "trip_notes" : [ {
    "date_time" : "2019-05-02T10:29:43.892Z",
    "display" : true,
    "note" : "delay ~ Philadelphia Intl (PHL) is experiencing all inbound flights being held at their origin due to low clouds"
  }, {
    "date_time" : "2019-05-02T13:05:52.708Z",
    "display" : true,
    "note" : "filed ~ PDT4883 (E145) filed to depart MKE @ Thu (02 May) 16:24 GMT for PHL @ ETA 18:09 GMT (02 May)  (UECKR5 SAMPL ADIME GERBS J146 CXR EWC JST BOJID2)"
  }, {
    "date_time" : "2019-05-02T14:51:00.000Z",
    "display" : true,
    "note" : "Shipment has been manifested onto flight AA4883 - TC"
  }, {
    "date_time" : "2019-05-02T16:28:31.325Z",
    "display" : true,
    "note" : "departure ~ PDT4883 (E145) departed MKE @ 16:28 GMT for PHL ETA 18:13 GMT"
  }, {
    "date_time" : "2019-05-02T18:02:57.274Z",
    "display" : true,
    "note" : "arrival ~ PDT4883 arrived at PHL from MKE"
  } ],
  "who_called" : {
    "key" : "-Ldsu71CgIJxh1DVTTCP",
    "name" : "Demo Customer"
  }
}
如您所见,

customer.key和who_call键匹配,但是用户仍然看不到数据。不知道我在整个规则集中做错了什么。感谢您的帮助!

1 个答案:

答案 0 :(得分:1)

要让用户看到他们添加的旅程,请像这样使用query-based rules

"trips": {
  ".indexOn": "archive",
  ".read": "auth.uid != null && query.orderByChild == 'who_called/key' &&
        query.equalTo == root.child('users/' + auth.uid + '/customer/key').val()",
  "$trip_id": {
        ".read": "data.child('who_called').child('key').val() === root.child('users').child(auth.uid).child('customer').child('key').val()",
    "notes": {
      "$note_id": {
        ".read": "data.child('display').val() === true"
      }
    }
  }
}

唯一的限制是,如果不使用规则中指定的查询,就无法访​​问用户的旅程。这意味着您无法访问此类旅行;

firebase.database().ref('users/USERID/customer/-Ldsu71CgIJxh1DVTTCP)

必须像

一样完成
firebase.database().ref('trips').orderByChild('who_called/key')
.equalTo('-Ldsu71CgIJxh1DVTTCP')

我已经尝试过了,而且效果很好。希望对您有帮助