在Firestore安全规则中使用替换功能 [英] Using the replace function in firestore security rules

问题描述

我正在努力应对Firestore安全规则.我想检查一个需要替换功能的值，即电子邮件地址.我可以在一般的安全性文档中找到一些文档，但这似乎不适用于Firestore.

I'm struggling with Firestore security rules. I want to check on a value that needs the replace function, i.e. an e-mail address. I can find some documentation in the general security docs, but that does not seem to work with Firestore.

例如，这可行:

allow write: if resource.data.members.data[(request.auth.token.email)] in ["admin"];

但这不是(我相应地更改了member对象中的键):

but this doesn't (and I changed the key in the members object accordingly):

allow write: if resource.data.members.data[(request.auth.token.email.replace('.' , ',')] in ["admin"];

另一种选择是拥有一种在查询地址中使用点的方式，因此不必像这样替换它们:

Another option would be to have a way to use dots in the address of a query, so they don't have to be replaced like this:

var emailSanitized = email.replace('.' , '.');
db.collection('someCollection').where('members.' + emailSanitized, '==', 'admin')

这里有什么想法吗?

推荐答案

您可能一直遇到问题有两个原因.

There are two reasons why you might have been having issues.

1. 在您提出问题后，replace功能已添加到安全规则"中.
2. replace函数对第一个参数使用正则表达式，因此在'.'上进行匹配将完全匹配所有内容.

1. The replace function was added to Security Rules after you asked your question.
2. The replace function uses regular expressions for the first argument and so matching on '.' will match literally everything.

请考虑使用:request.auth.token.email.replace('\\.' , ',')

这篇关于在Firestore安全规则中使用替换功能的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！