Firebase security rules: using the uid for write operations

Time: 2020-10-14 16:39:29

Tags: firebase firebase-realtime-database firebase-authentication firebase-security

I want users who have an account to be able to create a post. But with my current Firebase rules, I get an error message: permission denied.

Here are my security rules:

 {
  "rules": {
    "shoes" : {
      ".read": true,
      "$uid" : {
        ".write" : "auth != null && $uid === auth.uid"
      }
    },
    "websites" : {
      ".read": true,
      "$user_id" : {
        ".write" : "auth != null && $user_id === auth.uid"
      }
    },
    "users" : {
      ".read" : "auth != null && auth.token.email == 'test@test.com'"
    } 
  }
}

Here is my structure in the Realtime Database: [image]

Here I am writing to the database in Swift. Beforehand, it checks whether the user is logged in. If logged in, he can create a post.

func addNewShoe(user: String, shoe_ID: String, shoe_Name: String, shoe_Release_Date: String, shoe_Release_Time: String, shoe_Colorway: String, shoe_PID: String, shoe_Retail: String, shoe_Image: Data, view: NSView, completion: @escaping(Bool) -> Void) {
                
        if user == CURRENT_USER_EMAIL {
            print("uid", Auth.auth().currentUser?.uid)
            DATABASE_STORAGE.reference().child("\(shoe_ID)/\(shoe_ID)").putData(shoe_Image, metadata: nil) { (metadata, error) in
                if error != nil {
                    return
                }
                
                self.DATABASE_STORAGE.reference().child(shoe_ID).child(shoe_ID).downloadURL { (url, error) in
                    if error != nil {
                        print(error!.localizedDescription)
                        return
                    } else {
                        
                        let imageUrlString = url?.absoluteString
                        
                        let shoe = [
                            "ID" : shoe_ID,
                            "PID" : shoe_PID,
                            "colorway" : shoe_Colorway,
                            "name" : shoe_Name,
                            "releaseDate" : shoe_Release_Date,
                            "releaseTime" : shoe_Release_Time,
                            "retail" : shoe_Retail,
                            "sneakerImage" : imageUrlString
                        ]
                        
                        self.DATABASE_REF.child("shoes").child(shoe_ID).setValue(shoe) { [self] (error, ref) in
                            if error != nil {
                                Utility.shared.setupSheetModalAlert(message: "Oops! Something went wrong.", text: "Error message: \(error?.localizedDescription ?? "For a unknown reason this post was not uploaded to the database. Please try again.")", view: view, suppressionName: "suppressionShoe", suppressionValue: true, suppressionShow: false)
                                defaults.set(true, forKey: "suppressionShoe")
                                completion(false)
                            } else {
                                sendNotificationToDevice(notification: "A new raffle was added, check it out!", notification: shoe_Name)
                                Utility.shared.setupSheetModalAlert(message: "Upload succeeded!", text: "This post was successfully uploaded to the database.", view: view, suppressionName: "suppressionShoe", suppressionValue: defaults.bool(forKey: "suppressionShoe"), suppressionShow: true)
                                completion(true)
                            }
                        }
                    }
                }
            }
        } else {
            Utility.shared.setupSheetModalAlert(message: "access denied", text: "", view: view, suppressionName: nil, suppressionValue: false, suppressionShow: false)
        }
        
    }

I don't fully understand security rules yet. Am I doing something fundamentally wrong?

0 answers:

No answers
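Added example, not part of the original post and not Firebase's own code: a simplified model of how the `.write` rules in the question are evaluated for a given path. In those rules `$uid` captures whatever key follows `shoes/`, while the Swift code writes to `shoes/<shoe_ID>`, so the rule compares the shoe ID with `auth.uid`. The helpers `evalRule` and `canWrite` are hypothetical, and the uid and shoe ID are constructed values.

```javascript
// Rules copied from the question. Everything else here is a constructed model.
const rules = {
  shoes: {
    ".read": true,
    "$uid": { ".write": "auth != null && $uid === auth.uid" }
  },
  websites: {
    ".read": true,
    "$user_id": { ".write": "auth != null && $user_id === auth.uid" }
  },
  users: { ".read": "auth != null && auth.token.email == 'test@test.com'" }
};

// Evaluate one rule expression with `auth` and the captured $variables in scope.
function evalRule(expr, auth, vars) {
  if (typeof expr === "boolean") return expr;
  const names = Object.keys(vars);
  const fn = new Function("auth", ...names, `return (${expr});`);
  return fn(auth, ...names.map((n) => vars[n])) === true;
}

// Walk the path from the root. A ".write" that evaluates to true at any node
// along the way grants the write (rules cascade downward); otherwise deny.
function canWrite(ruleTree, path, auth) {
  let node = ruleTree;
  const vars = {};
  if (".write" in node && evalRule(node[".write"], auth, vars)) return true;
  for (const segment of path.split("/").filter(Boolean)) {
    if (!segment.startsWith(".") && Object.prototype.hasOwnProperty.call(node, segment)) {
      node = node[segment];
    } else {
      const wildcard = Object.keys(node).find((k) => k.startsWith("$"));
      if (!wildcard) return false; // no rule covers this location
      vars[wildcard] = segment;    // e.g. $uid = "shoe-123"
      node = node[wildcard];
    }
    if (typeof node !== "object" || node === null) return false;
    if (".write" in node && evalRule(node[".write"], auth, vars)) return true;
  }
  return false;
}

// Constructed sample user and shoe ID.
const auth = { uid: "uid-alice", token: { email: "alice@example.com" } };
console.log(canWrite(rules, "shoes/shoe-123", auth));           // path the Swift code writes to
console.log(canWrite(rules, "shoes/uid-alice/shoe-123", auth)); // path the rule expects
```

Under these rules a signed-in user can write only beneath `shoes/<their own uid>`; either the data has to be keyed by uid, or the rule has to express ownership some other way.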