我有一组数据,例如products
和两组不同的用户merchants
和users
。如何授予products
上的商人的读写访问权限,而仅授予users
的只读访问权限?
match /users/{userId} {
allow read: if request.auth.uid == userId;
}
以上规则仅定义了单个用户的访问权限。
答案 0 :(得分:1)
起点:
string[] rHistoryUserIds = Info
.Where(u => !Equals(u.Rhistory, null))
.SelectMany(v => v.Rhistory)
.Select(c => new string[] { c.User.UserId })
.SelectMany(m => m)
.Distinct().Where(x => !string.IsNullOrEmpty(x)).ToArray();
string[] vHistoryUserIds = Info
.Where(u => !Equals(u.Vhistory, null))
.SelectMany(v => v.Vhistory)
.Select(c => new string[] { c.User.UserId })
.SelectMany(m => m)
.Distinct().Where(x => !string.IsNullOrEmpty(x)).ToArray();
string[] userIds = rHistoryUserIds.Union(vHistoryUserIds).ToArray();
假设用户的字段match /users/{userId} {
allow read: if request.auth.uid == userId;
}
match /products/{productid} {
// Anyone authenticated can read
allow read: if request.auth.uid != null;
// Only merchants can write
allow write: if get(/databases/$(database)/documents/users/$(request.auth.uid)).data.type == 'merchant'
}
带有可能的值type
更多信息here