Firebase安全规则,设置子项不可读? [英] Firebase security rules, setting a children not readable?
本文介绍了Firebase安全规则,设置子项不可读?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
所以我有这个数据库结构:
So I have this db structure:
在个人资料下,我要发送电子邮件& provider-name仅对admin和 每个登录用户均可读取的用户名. 我该如何实现?
Under profile I want email & provider-name to be readable only for admin and Username readable for every logged in user. How I can achieve that?
这是我的规则:
{
"rules":
{
"users":
{
"$uid":
{
// grants write access to the owner of this user account whose uid must exactly match the key ($uid)
".write": "auth !== null && auth.uid === $uid",
"profile":
{
// grants read access only for registered users
".read": "auth !== null",
"email":
{
// This doesn't work with firebase as I was reading doc.
".read": false
}
}
}
}
}
}
推荐答案
因此,在进行了一些研究和阅读有关非规范化结构的信息后,我猜想这种方法会奏效.事实是我很想嵌套,但是在firebase上可能不是一个好主意.
So after a bit of research and reading about denormalize structure I guess this way will work. The fact is that I'm tempted to nest, but probably is a bad idea on firebase.
{
"rules":
{
"users":
{
"$uid":
{
// grants write access to the owner of this user account whose uid must exactly match the key ($uid)
".write": "auth !== null && auth.uid == $uid",
"public-profile":
{
// grants read access only for registered users
".read": "auth !== null"
}
}
},
"private-profile":
{
"$uid":
{
".read": "root.child('users').child(auth.uid).child('role').child('admin').val() === 'true' && root.child('users').child('1').child('role').child('admin').val() === 'true'",
".write": "root.child('users').child(auth.uid).child('role').child('admin').val() === 'true' && root.child('users').child('1').child('role').child('admin').val() === 'true'"
}
}
}
}
这篇关于Firebase安全规则,设置子项不可读?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文