基于属性值的Firebase Firestore安全性规则 [英] Firebase Firestore Securitty Rule based on Attribute Value
问题描述
我正在尝试在Firestore数据库上编写安全规则,以允许读取status
值为published
的集合中的文档.但是,一旦发布规则,就不允许读取该集合的任何文档.
I am trying to write security rules on my Firestore database to allow read of documents within a collection with status
value as published
. But, it does not allow read for any document for the collection once the rule is published.
我正在遵循官方文档中所述的权限设置. https://firebase.google.com/docs/firestore/security/rules-条件
I am following the permission settings as described on the official doc. https://firebase.google.com/docs/firestore/security/rules-conditions
但是,它没有按预期工作.
But, it is not working as expected.
service cloud.firestore {
match /databases/{database}/documents {
match /articles/{articleId} {
allow read: if resource.data.status == 'published';
}
}
}
我正在使用以下React + Redux代码查询文档:
I am using the following React + Redux code for querying the documents:
export const getArticles = (limit = 25) => {
return (dispatch) => {
dispatch({ type: ARTICLES });
const db = firebase.firestore();
const query = db.collection('articles')
.orderBy('createdAt', 'desc')
.limit(limit);
query.get()
.then((snapshot) => {
const dataArray = [];
snapshot.forEach(doc => {
dataArray.push(mergeDocIdAndData(doc.id, doc.data()));
});
getArticlesSuccess(dispatch, dataArray)
.then(() => dispatch(push('/articles')));
})
.catch(() => getArticlesFail(dispatch));
};
}
推荐答案
您错过了文档中的一个特定要点:查询失败因为它不包含与安全规则相同的约束",并且安全规则不包含"过滤器".请参见 https://firebase.google.com/docs/firestore/security /rules-query#queries_and_security_rules
You have missed one specific point in the doc: your query fails "because it does not include the same constraints as your security rules" and "security rules are not filters". See https://firebase.google.com/docs/firestore/security/rules-query#queries_and_security_rules
换句话说,您的查询应类似于:
In other words, your query should be like:
const query = db.collection('articles').where("status", "==", "published")...
这篇关于基于属性值的Firebase Firestore安全性规则的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!