Firestore安全规则:request.time“对象上未定义" [英] Firestore Security Rules: request.time "undefined on object"
问题描述
function isThrottled() {
return request.time < resource.data.lastUpdate + duration.value(1, 'm')
}
我要在哪里allow update: if isThrottled() == false
但是,当我尝试使用此规则更新文档时,由于未在对象上定义时间而失败.
However, when I try to update a document with this rule, it fails due to time being not defined on the object.
错误:simulator.rules行[169]列[12].物业时间是 在对象上未定义.
Error: simulator.rules line [169], column [12]. Property time is undefined on object.
不是每个请求都附有time或TimeStamp吗?这与我初始化Cloud Functions或客户端应用程序有关吗?
Shouldn't every request have a time or TimeStamp attached to it? Is this something to do with how I'm initializing my Cloud Functions or client app?
以下屏幕截图:
编辑
其余更新安全规则的摘录如下:
A snippet for the rest of the update security rules are:
service cloud.firestore {
match /databases/{db}/documents {
match /users/{userId} {
match /username/{id} {
allow update: if isSelf(userId)
&& usernameAvailable(incomingData().username)
&& incomingData().username is string
&& incomingData().username.size() <= 25
&& incomingFields().size() == 1
&& isThrottled() == false;
}
}
function incomingData() {
return request.resource.data
}
function isThrottled() {
return request.time < resource.data.lastUpdate + duration.value(1, 'm')
}
function incomingFields() {
return incomingData().keys()
}
function isSelf(userId) {
return userId == currentUser().uid;
}
function usernameAvailable(username) {
return !exists(/databases/$(db)/documents/usernames/$(username));
}
}
}
username集合是每个user文档下的子集合(在users根集合中.每个username文档只有一个名为username的字段,用户可以对其进行更新).
The username collection is a subcollection under each user document (in the users root collection. Each username document only has 1 field called username that users can update).
推荐答案
这可能对您的情况特别无用,但是在检查对令牌对象的自定义声明时出现相同的错误.
This might not be useful for your case in particular, but I had the same error when checking a custom claim on the token object.
在访问该字段之前,可以使用in检查该对象上是否存在该属性.如果未定义代理,则此代码将产生错误:
Before accessing the field you can use in to check whether the property exists on the object. This code generates the error if agent is not defined:
allow write: if request.auth != null && request.auth.token.agent == true;
如果未定义代理,则此代码可以正常工作:
This code works fine if agent is not defined:
allow write: if request.auth != null && "agent" in request.auth.token && request.auth.token.agent == true;
这篇关于Firestore安全规则:request.time“对象上未定义"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
