我正在尝试根据此博客https://firebase.googleblog.com/2018/08/better-arrays-in-cloud-firestore.html
从数组中获取“读取”规则 var db = firebase.firestore();
db.collection("_users").where("viewers", "array-contains", myUID)
.get()
.then((querySnapshot) => {
querySnapshot.forEach((doc) => {
console.log(doc.id, ' => ', doc.data());
});
});
在AngularFirestore中相同
this.itemsCollection_users = this._afDB.collection("_users", ref => ref.where("viewers", "array-contains", myUID)))
The DB
/_users/EGsht477klOKW0YeYsryo0j8AkY2/sometext = "hello",
/_users/EGsht477klOKW0YeYsryo0j8AkY2/viewers [
0: hKeDFsC6wOQZGz0rP7SnJ7Vo5O73,
1: Y8xbH2avmCWmm1EBK7wappM2qE03
]
数据库规则 服务cloud.firestore {
match /databases/{database}/documents {
match /_users/{userId} {
allow read: if request.auth.uid in resource.viewers;
}
}
}
因此应该可以从“查看器”中列出的任何用户访问(读取)用户EGsht477klOKW0YeYsryo0j8AkY2
我得到的警告是...
ERROR FirebaseError: Missing or insufficient permissions.
答案 0 :(得分:0)
您的安全规则中的resource
变量指向Resource
object。要获取其数据,您需要使用resource.data
,因此:
allow read: if request.auth.uid in resource.data.viewers;