Firebase 安全规则:只允许更新一个字段

时间:2021-04-13 10:14:43

标签: android firebase google-cloud-firestore firebase-security

我正在尝试仅更新一个字段 (activeStatus) 并确保所有其他字段不可更改。All fields

我已经尝试request.resource.data.keys().hasOnly(["activeStatus"])

2 个答案:

答案 0 :(得分:2)

var lightBlue500Color = LightBlueSwatch.LightBlue500;
var lightBlue500HexString = string.Format("#{0:X2}{1:X2}{2:X2}", lightBlue500Color.R, lightBlue500Color.G, lightBlue500Color.B); // = "#03A9F4"

答案 1 :(得分:0)

如果您想确保用户只能更新 activeStatus 字段,您的更新规则应如下所示:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    function is_unchanged(key) {
      let in_old = key in resource.data;
      let in_new = key in request.resource.data;
      return (!in_old && !in_new)
        || (
          in_old && in_new
          && request.resource.data[key] == resource.data[key]
        );
    }

    match /some/{document} {
      allow update: if is_unchanged('available')
        && is_unchanged('checkBeforeBuy')
        && is_unchanged('description')
        // Repeat for all fields that should not change
        && is_unchanged('validity');
        
    }
  }
}
相关问题
最新问题