Firestore安全规则:如何验证字段未定义? [英] Firestore security rules: How to validate that a field is undefined?

问题描述

当用户注册并在Firestore中初始化数据时，我想确认他们没有尝试设置自己的角色(例如，因此他们没有将其设置为"admin").

When a user signs up and they initialise their data in firestore, I want to validate that they aren't attempting to set their role (i.e. so they're not setting it to 'admin' for example).

我试图写这个:

match /users/{userId} {
  allow create: if (signedInAs(userId) && !request.resource.data.role) || isAdmin();
  ...

...但是我只看到对象上的属性角色未定义."

...but I just see "Property role is undefined on object."

是否可以安全地执行此操作?还是这意味着我应该总是初始化期望的字段，即使只是空字符串也是如此?这似乎与NoSQL的哲学不太吻合?

Is there a way to do this safely? Or does this mean I should always be initialising expected fields, even if it's just to the empty string? That doesn't seem to quite fit with the philosophy of NoSQL?

推荐答案

使用in运算符确定对象的属性是否不存在.

Use the in operator to find out if a property of an object doesn't exist.

!("role" in request.resource.data)

这产生一个布尔值.在地图类型的规则API文档中进行查看.

This yields a boolean. See it in the rules API docs for the Map type.

这篇关于Firestore安全规则:如何验证字段未定义?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！