Firebase安全规则:未知变量$ requestId2? [英] Firebase Security Rules: Unknown variable $requestId2?
问题描述
$ b
- 检查username2是否存在
- 检查两个用户是不是朋友
因为我写了以下规则:
{
rules:
{
requests:
{
$ requestId :
{
.read:auth!= null,
.write:auth!= null&&
data.child('用户名2)。val()== true&&
root.child('usernames-list')。child(data.child('username2')).exists()&& $ b ($ user_sequest)。child(auth.uId).child('accepted-pending')。child($ requestId2).child(data.child('username2')).exists() )
}
}
}
}
但它在两个方面返回以下错误:
- data.child('us第二行:第一行:未知变量$ requestId2第二行:未知变量$ requestId2第九行:child()期望一个字符串参数
- data.child($ requestId2)---->数据结构:
请求
--- $ requestId
--- key:value
用户请求
--- $ userId
---暂挂
--- $ requestId
--- key:value
--- accepted
--- $ requestId
--- key:value
---被拒绝
--- $ requestId
--- key:值
---不友好
--- $ requestId
--- key:value
---接受待审批的
--- $ requestId
--- key:值
传入的json:
user1 - > user1的authId
username1 - >第一个用户的用户名
username2 - >第二个用户的用户名
...
注意1: c $ c> newData。而不是
data。
,仍然会得到相同的错误。另外,newData('username2')。isString()
也会返回相同的错误注意2:避免$ requestId2
(错误)做一个单独的列表,只包含user1是朋友的用户名,并与它进行比较;但我仍然需要能够使用data。('username2')
作为root.child()$编辑1:下面的规则发布成功,但我不知道,如果它仍然做我所提到的(需要检查):
$ b / p>
。write:auth!= null&&
newData.child('username2')。 val()== true&&
root.child('usernames-list')。hasChild(newData.child('username2')。val())&&
!root .child('user-requests')。child(auth.uId).child('accepted-pending-usernames')。hasChild(data.child('username2').val())
解决方案
.val()
已被添加到括号内
.exists()
结尾
- 我创建了一个单独的用户名列表(
/ accepted-pending-usernames /
)来克服通配符错误
data
已经替换为newData
。write:auth!= null &安培;&安培;
newData.child('username2')。val()== true&&
root.child('usernames-list')。child(newData.child('username2').val()).exists()&& $('user-requests')。child(auth.uId).child('accepted-pending')。child('accepted-pending-usernames')。child(data.child(' (b)
注意:问题可能仍然没有解决,因为firebase允许在规则中使用多个通配符。
When user1 --> user2 (user1 sends a request to user2). I am trying to perform certain checks using firebase rules, which are:
- Check if username2 exists
- Check if both users are not already friends
for that I've written the following rule:
{ "rules": { "requests": { "$requestId": { ".read": "auth != null", ".write": "auth!=null && data.child('username2').val() == true && root.child('usernames-list').child( data.child('username2') ).exists() && !root.child('user-requests').child( auth.uId ).child('accepted-pending').child($requestId2).child( data.child('username2') ).exists()" } } } }
But it returns the following errors at two areas:
- data.child('username2') ----> Line 9: child() expects a string argument.
- data.child($requestId2) ----> Line 9: Unknown variable $requestId2
Data Structure:
requests ---$requestId ---key: value user-requests ---$userId ---pending ---$requestId ---key: value ---accepted ---$requestId ---key: value ---rejected ---$requestId ---key: value ---unfriend ---$requestId ---key: value ---accepted-pending ---$requestId ---key: value
Incoming json:
user1 --> authId of user1 username1 --> username of 1st user username2 --> username of 2nd user ...
Note 1: I've tried using
newData.
instead ofdata.
and still get the same errors. Also,newData('username2').isString()
also returns the same errorNote 2: I could avoid the
$requestId2
(error) by making a separate list only containing the usernames that user1 is friends with and compare it against that; but I'd still need to be able to usedata.('username2')
as a field withing theroot.child()
Edit 1: The following rule publishes successfully, however I'm not sure if it still does what I've mentioned (need to check) :
".write": "auth!=null && newData.child('username2').val() == true && root.child('usernames-list').hasChild( newData.child('username2').val() ) && !root.child('user-requests').child( auth.uId ).child('accepted-pending-usernames').hasChild( data.child('username2').val() )"
Ref:Firebase security - newData() as a parameter of hasChildren() expression
解决方案Edit 2: This should be the solution:
.val()
has been added within the brackets.exists()
remains at the end- I've created a separate list of usernames (
/accepted-pending-usernames/
) to overcome the wildcard error data
has been replaced withnewData
".write": "auth!=null && newData.child('username2').val() == true && root.child('usernames-list').child( newData.child('username2').val() ).exists() && !root.child('user-requests').child( auth.uId ).child('accepted-pending').child('accepted-pending-usernames').child( data.child('username2').val() ).exists()"
Note: Question may still remain unsolved as its unclear if firebase allows one to use multiple wildcards in the rules
这篇关于Firebase安全规则:未知变量$ requestId2?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!