Firestore安全规则.hasAny(['A','B','C'])仍可使用吗? [英] Is Firestore Security Rule .hasAny(['A', 'B', 'C']) still available for use?
问题描述
似乎无法使用Firestore安全规则.hasAny().此方法是否已弃用或不再可用?
Can't seemed to use Firestore Security Rule .hasAny(). Is this method deprecated or no longer available?
我正在使用它
/// Functions - NOT WORKING!!! ///
function isTeamMember(teamId, userId) {
return get(/databases/$(database)/documents/team_access_privilege/$(teamId)).data[userId].hasAny(['OWNER', 'ADMIN', 'STANDARD'])
}
Firestore数据的结构如此
The Firestore data is structured as such
- team_access_privilege (COLLECTION)
-- teamId (DOCUMENT)
--- userId1 (KEY) : 'OWNER' (VALUE)
--- userId2 (KEY) : 'ADMIN' (VALUE)
--- userId3 (KEY) : 'ADMIN' (VALUE)
--- userId4 (KEY) : 'STANDARD' (VALUE)
该团队有4位用户.
我还测试了以下功能,它们运作良好.
I also tested that the below functions and they work well.
/// Functions - Working Well ///
function isOwnerOfTeam(teamId, userId) {
return get(/databases/$(database)/documents/team_access_privilege/$(teamId)).data[userId] == 'OWNER'
}
我的目标是检查team_access_privilege中是否存在userId,他/她是否可以访问数据.我尝试使用 exists(),但模拟器永远需要运行.我放弃使用 exists().我不确定这是否是已知问题.
My goal is to check that as long as userId exists in team_access_privilege he/she can access the data. I tried using exists() but the simulator takes forever to run. I am giving up on using exists(). I am not sure if it is a known issue.
下面这将永远需要运行
/// Functions - Not working too ///
function isTeamMember(teamId, userId) {
return exists(get(/databases/$(database)/documents/team_access_privilege/$(teamId)).data[userId])
}
总而言之,我的目标是检查用户是否是读/写数据的团队的所有者",管理员"或标准".
编辑1
尝试了@道格·史蒂文森(Doug Stevenson)的答案,它不起作用
Tried @Doug Stevenson's answer, and it does NOT work
['OWNER', 'ADMIN', 'STANDARD'].hasAny([get(/databases/$(database)/documents/team_access_privilege/$(teamId)).data[userId]])
这是错误消息.
我尝试了另一种方法,并且奏效了.
I tried another approach, and it worked.
/// Functions - Working Well ///
function isOwnerOfTeam(teamId, userId) {
return get(/databases/$(database)/documents/team_access_privilege/$(teamId)).data[userId] == 'OWNER'
}
/// Functions - Working Well ///
function isAdminOfTeam(teamId, userId) {
return get(/databases/$(database)/documents/team_access_privilege/$(teamId)).data[userId] == 'ADMIN'
}
/// Functions - Working Well ///
function isStandardOfTeam(teamId, userId) {
return get(/databases/$(database)/documents/team_access_privilege/$(teamId)).data[userId] == 'STANDARD'
}
/// Functions - Then This WOrks ///
function isTeamMember(teamId, userId) {
return isOwnerOfTeam(teamId, userId) || isAdminOfTeam(teamId, userId) || isStandardOfTeam(teamId, userId)
}
['',``,''] .hasAny(get())不起作用. get().hasAny(['',``,''])也是如此.对于我所说的数据结构,Exists不能很好地工作.
['', '', ''].hasAny( get() ) does not work. So is get().hasAny(['', '', '']). Exists does not work as well for my said data structure.
这只是令人困惑.无论如何,我现在有一个有效的安全规则.希望@Doug Stevenson可以帮助我们找到一种更有效的方式来检查用户是否是读/写数据的团队的所有者",管理员"或标准".
This is just puzzling. Anyway I have a working security rule for now. Hope @Doug Stevenson could help figure out a more efficient way to check that the user is a 'OWNER', 'ADMIN', or 'STANDARD' of the team to read / write data.
推荐答案
hasAny
is a method on array types, as documented here in the rules reference. You use it to determine if a list type field contains any of the values in the given list. It seems that you're trying to use it on a string.
也许您可以反方向使用它来确定用户ID的字符串角色是否是给定的其他三个角色之一:
Perhaps you can use it in the opposite direction to figure out if the string role of the user id is one of the three other roles given:
['OWNER', 'ADMIN', 'STANDARD'].hasAny([get(/databases/$(database)/documents/team_access_privilege/$(teamId)).data[userId]])
这篇关于Firestore安全规则.hasAny(['A','B','C'])仍可使用吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!