Firestore查询阵列/规则无法使用resources.viewers

Question

我正在尝试根据此博客https://firebase.googleblog.com/2018/08/better-arrays-in-cloud-firestore.html

从数组中获取“读取”规则

  var db = firebase.firestore();
  db.collection("_users").where("viewers", "array-contains", myUID)
    .get()
    .then((querySnapshot) => {
      querySnapshot.forEach((doc) => {
        console.log(doc.id, ' => ', doc.data());
      });
    });

---

在AngularFirestore中相同

this.itemsCollection_users = this._afDB.collection("_users", ref => ref.where("viewers", "array-contains", myUID)))

---

The DB 
/_users/EGsht477klOKW0YeYsryo0j8AkY2/sometext = "hello",
/_users/EGsht477klOKW0YeYsryo0j8AkY2/viewers [
  0: hKeDFsC6wOQZGz0rP7SnJ7Vo5O73,
  1: Y8xbH2avmCWmm1EBK7wappM2qE03
]

---

数据库规则 服务cloud.firestore {

  match /databases/{database}/documents {   
    match /_users/{userId} {

        allow read: if request.auth.uid in resource.viewers;    

    }
}
}

---

因此应该可以从“查看器”中列出的任何用户访问（读取）用户EGsht477klOKW0YeYsryo0j8AkY2

我得到的警告是...

ERROR FirebaseError: Missing or insufficient permissions.

Answer 1

您的安全规则中的resource变量指向Resource object。要获取其数据，您需要使用resource.data，因此：

 allow read: if request.auth.uid in resource.data.viewers;