Cloud Functions for Firebase是否遵守实时数据库规则? [英] Does Cloud Functions for Firebase respect the realtime database rules?

问题描述

我正在尝试使用特定节点上的安全规则来保护我的实时数据库.

I am trying to secure my real time database using security rules at specific nodes.

我了解Firebase规则将在我使用设备进行读写时适用.

I understand that Firebase rules will apply when I write/ read using my device.

如果写/读碰巧是来自Cloud Functions?

What if the write / read happened to be from Cloud Functions?

如果我保护了(用户)节点，那么Cloud Functions是否知道(用户)是受保护的?还是仍然可以读写?

If I secured (users) node then does Cloud Functions know that (users) is secured? or it reads and writes anyway?

推荐答案

使用Firebase Admin SDK访问实时数据库时，默认情况下，它具有完全的读写访问权限. Admin SDK的假设是，您正在特权环境中运行，在该环境中代码完全在您的控制之下，并且您确切地知道自己在做什么.

When you use the Firebase Admin SDK to access Realtime Database, by default it has full read and write access. The assumption with the Admin SDK is that you're running in a privileged environment where the code is fully under your control, and you know exactly what you're doing.

您的代码正在Cloud Functions中运行的事实与任何这些都不相关.它可以轻松地在您的台式机或您控制的其他服务器上运行.这是Admin SDK的属性.

The fact that your code is running in Cloud Functions has no bearing on any of this. It could just as easily be running on your desktop or some other server you control. This is a property of the Admin SDK.

如果要更改对实时数据库的访问范围，则必须知道最终用户的UID，然后使用

If you want to change the scope of access to Realtime Database, you will have to know the end user's UID, then initialize the SDK to limit the scope of its privilege to that UID using databaseAuthVariableOverride at the time of init.

这篇关于Cloud Functions for Firebase是否遵守实时数据库规则?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！