firestore:缺少权限或权限不足 [英] firestore : Missing or insufficient permissions

问题描述

我正在使用Role(允许读取，写入:如果request.auth.uid！= null)，当我登录时可以获取数据，但是当我注销用户时会收到错误消息:缺少权限或权限不足.首先，我认为这是因为我没有取消订阅我尝试过的Observable(rxjs/operator/takeWhile)，即使我使用了异步管道，也遇到了同样的错误.

I'm using Role ( allow read ,write : if request.auth.uid != null ) when I logged in I get data it's ok , but when I log out the user I get the error : Missing or insufficient permissions. first I thought it was because of I didn't unsubscribe the Observable I tried (rxjs/operator/takeWhile) even if I used async pipe, I got the same error.

推荐答案

如果您已注销，则request.auth.id == null，因此，您的读取规则返回false.尝试更改为:

if you're logged out then request.auth.id == null, therefore, your read rule returns false. try changing to:

allow read;
allow create: if request.auth.uid != null; 

这允许任何人阅读并且仅创建经过身份验证的用户.通常，您只希望作者进行更新.为此，您需要将文档中的作者uid保存为 userid 之类的属性，然后可以像这样更新规则:

This allows anyone to read and only authenticated users to create. You'll usually only want authors to update. For that you'll need to save the author's uid on the document as a property like userid, then you can update your rules like this:

match /myCollection/{document=**} {
  allow read;
  allow create: if request.auth.uid != null; 
  allow update: if isOwner();
}

function existingData() {
  return resource.data
}

function isOwner() {
  return request.auth.uid == existingData().userid;
}

这篇关于firestore:缺少权限或权限不足的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！