我已将一些安全规则应用于Firestore,但它们只是失败了。我似乎找不到导致问题的原因。基本上,我希望用户仅编辑/删除自己的数据。
这是规则
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
function isAuth(req) {
return req.auth.uid != null;
}
function getRole(req){
return get(/databases/{database}/documents/dmc_users/$(req.auth.token.email)).data.user_role;
}
function isAuthenticatingUser(req){
return get(/databases/{database}/documents/users/$(req.auth.token.email)).data.email == req.auth.token.email;
}
function existingData(res) {
return res.data;
}
function incomingData(req) {
return req.resource.data;
}
// Allow read, update, delete user's own data, create if user authenticated
match /users/{userEmail} {
allow read: if isAuthenticatingUser(request);
allow update, delete: if (request.auth.token.email == resource.data.email) || getRole(request) == "admin";
allow create: if isAuth(request) && request.auth.token.email == userEmail;
match /orders/{document=**}{
allow read: if isAuth(request);
allow write: if (request.auth.token.email == userEmail) || getRole(request) == "admin";
}
match /payment_methods/{document=**}{
allow read: if isAuth(request);
allow write: if request.auth.token.email == userEmail
&& existingData(resource).brand != incomingData(request).brand
&& existingData(resource).last4 != incomingData(request).last4
&& existingData(resource).expiration_month != incomingData(request).expiration_month
&& existingData(resource).expiration_year != incomingData(request).expiration_year
&& existingData(resource).zip_code != incomingData(request).zip_code;
}
}
}
}
这里是什么问题?任何帮助都会很棒。
谢谢!