如何为访问同一Firestore集合的不同用户集合设置不同的规则?

时间:2020-06-08 06:15:39

标签: google-cloud-firestore firebase-authentication firebase-security

我有一组数据,例如products和两组不同的用户merchantsusers。如何授予products上的商人的读写访问权限,而仅授予users的只读访问权限?

match /users/{userId} {
   allow read: if request.auth.uid == userId;
}

以上规则仅定义了单个用户的访问权限。

1 个答案:

答案 0 :(得分:1)

起点:

        string[] rHistoryUserIds = Info
                           .Where(u => !Equals(u.Rhistory, null))
                           .SelectMany(v => v.Rhistory)
                           .Select(c => new string[] { c.User.UserId })
                           .SelectMany(m => m)
                           .Distinct().Where(x => !string.IsNullOrEmpty(x)).ToArray();

        string[] vHistoryUserIds = Info
                           .Where(u => !Equals(u.Vhistory, null))
                           .SelectMany(v => v.Vhistory)
                           .Select(c => new string[] { c.User.UserId })
                           .SelectMany(m => m)
                           .Distinct().Where(x => !string.IsNullOrEmpty(x)).ToArray();

        string[] userIds = rHistoryUserIds.Union(vHistoryUserIds).ToArray();

假设用户的字段match /users/{userId} { allow read: if request.auth.uid == userId; } match /products/{productid} { // Anyone authenticated can read allow read: if request.auth.uid != null; // Only merchants can write allow write: if get(/databases/$(database)/documents/users/$(request.auth.uid)).data.type == 'merchant' } 带有可能的值type

更多信息here

相关问题
最新问题