我的Firestore数据库具有以下规则:
service cloud.firestore {
function signedIn() {
return request.auth != null && request.auth.uid != null;
}
function isAuthorized(accountId) {
return signedIn() && exists(/databases/$(database)/documents/accounts/$(accountId)/users/$(request.auth.uid));
}
match /databases/{database}/documents {
match /users/{uid} {
allow read, write: if signedIn() && uid == request.auth.uid;
}
match /users/{uid}/{document=**} {
allow read, write: if signedIn() && uid == request.auth.uid;
}
match /accounts/{accountId} {
allow read: if isAuthorized(accountId);
}
match /accounts/{accountId}/{document=**} {
allow read, write: if isAuthorized(accountId);
}
match /{document=**} {
allow read, write: if false;
}
}
}
数据库中的现有记录
我希望用户使用uid登录: u123 对/ accounts / axyz
具有读取权限
但是,模拟器只是抛出错误Simulated read denied而没有给出任何提示(哪个行/规则导致失败/拒绝。)
任何帮助将不胜感激。谢谢!
如果我将函数调用isAuthorized(accountId)替换为如下所示的函数主体,则它可以正常工作。
match /accounts/{accountId} {
allow read: if signedIn() && exists(/databases/$(database)/documents/accounts/$(accountId)/users/$(request.auth.uid));
}
match /accounts/{accountId}/{document=**} {
allow read, write: if signedIn() && exists(/databases/$(database)/documents/accounts/$(accountId)/users/$(request.auth.uid));
}
所以它像这样工作。但是仍然想知道为什么调用功能会失败。