Firebase安全性-newData()作为hasChildren()表达式的参数 [英] Firebase security - newData() as a parameter of hasChildren() expression
本文介绍了Firebase安全性-newData()作为hasChildren()表达式的参数的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我希望允许用户仅在拥有令牌(邀请)的情况下创建他们的帐户. 在我的Firebase Security中,我有:
I want allow users to create their account only if they have a token(invitation). In my firebase Security i have:
{
"rules": {
".read": false,
".write": false,
"users": {
// allow to write if in the invitations there is child equal to token from newData()
".write":"root.child('invitations').hasChild(newData.child('token').val())",
},
"invitations":{
"$invitation":{
".read": "true"
}
}
}
}
就像在注释中我想允许写的那样,如果邀请中有等于newData()令牌的子项.
as is in the comment i want allow to write if in the invitations there is child equal to token from newData().
来自模拟器:
Attempt to write {"token":"evl6yky3vi0pmn29","name":"John"} to /users/99 with auth=null
/:.write: "false"
=> false
/users:.write: "root.child('invitations').hasChild(newData.child('token').val())"
6:52: hasChild() expects a string argument.
=> false
/users/99:<no rules>
我应该怎么做?
推荐答案
您几乎已经完美了.唯一的缺陷是您试图写到users/99,但是您已经将规则放在了users/上.
You've almost got it perfect. The only flaw here is that you're trying to write to users/99, but you've put the rule on users/.
大概是这个意思:
"users": {
"$user_id": {
// allow to write if in the invitations there is child equal to token from newData()
".write":"root.child('invitations').hasChild(newData.child('token').val())",
}
},
这篇关于Firebase安全性-newData()作为hasChildren()表达式的参数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文