在Firestore安全规则中使用替换功能 [英] Using the replace function in firestore security rules
问题描述
我正在努力应对Firestore安全规则.我想检查一个需要替换功能的值,即电子邮件地址.我可以在一般的安全性文档中找到一些文档,但这似乎不适用于Firestore.
I'm struggling with Firestore security rules. I want to check on a value that needs the replace function, i.e. an e-mail address. I can find some documentation in the general security docs, but that does not seem to work with Firestore.
例如,这可行:
allow write: if resource.data.members.data[(request.auth.token.email)] in ["admin"];
但这不是(我相应地更改了member对象中的键):
but this doesn't (and I changed the key in the members object accordingly):
allow write: if resource.data.members.data[(request.auth.token.email.replace('.' , ',')] in ["admin"];
另一种选择是拥有一种在查询地址中使用点的方式,因此不必像这样替换它们:
Another option would be to have a way to use dots in the address of a query, so they don't have to be replaced like this:
var emailSanitized = email.replace('.' , '.');
db.collection('someCollection').where('members.' + emailSanitized, '==', 'admin')
这里有什么想法吗?
推荐答案
您可能一直遇到问题有两个原因.
There are two reasons why you might have been having issues.
- 在您提出问题后,
replace
功能已添加到安全规则"中. -
replace
函数对第一个参数使用正则表达式,因此在'.'
上进行匹配将完全匹配所有内容.
- The
replace
function was added to Security Rules after you asked your question. - The
replace
function uses regular expressions for the first argument and so matching on'.'
will match literally everything.
请考虑使用:request.auth.token.email.replace('\\.' , ',')
这篇关于在Firestore安全规则中使用替换功能的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!