Firestore security rules issues with phone number


Problem description

I'm trying to set some security rules in Firebase without luck. Basically I need to check whether the user has been blocked or not based on its phone number. Here's what I have so far:

service cloud.firestore {

  match /databases/{database}/documents {
    match /{document=**} {
      allow read, write: if exists(/databases/$(database)/documents/access/+17777777777);
    }

    match /globals/{document=**} {
      allow read: if true;
    }

    match /requests/{document=**} {
      allow write: if true;
    }
  }
}

If I hard-code the number in the rule itself it does what is supposed to. If I use $(reqest.auth.token.phone_number) it does not work.

allow read, write: if !exists(/databases/$(database)/documents/access/$(reqest.auth.token.phone_number));

I've also tried with get as per this question:

allow read, write: if get(/databases/$(database)/documents/access/$(reqest.auth.token.phone_number)).blocked == true ||
      get(/databases/$(database)/documents/access/$(reqest.auth.token.phone_number)).data.blocked == true;

My data structure is as follows:

access | +17777777777 | blocked = true

I've also tried flipping the structure:

access | blocked | +17777777777 = true

And here is the Authentication payload from the Simulator

{
  "uid": "19687a6s87d68as7d968as7d9a8sd",
  "token": {
    "sub": "19687a6s87d68as7d968as7d9a8sd",
    "aud": "my-app",
    "email": "",
    "email_verified": false,
    "phone_number": "+17777777777",
    "name": "",
    "firebase": {
      "sign_in_provider": "google.com"
    }
  }
}

Recommended answer

The problem is not in the $(reqest.auth.token.phone_number) method. As stated in this answer, Firestore unfortunately does not support referencing field values in document paths at the moment, which is the reason why only the hard-coded values work.

Edit

It is strange, but Firestore's example still contradicts my answer above.
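
An added example, not part of the original question or answer: one way to write the block-list check discussed above, assuming the access/{phoneNumber} layout with a boolean blocked field from the question. It uses the documented variable name request, and the appData collection is a hypothetical placeholder for the application's own data.

```firestore-rules
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    // Phone number claim from the caller's ID token.
    function phone() {
      return request.auth.token.phone_number;
    }

    // Assumed layout (from the question): access/{phoneNumber} { blocked: true }.
    // exists() comes first because get() on a missing document makes the
    // expression error out, which would deny every user who has no
    // access document at all.
    function isBlocked() {
      return exists(/databases/$(database)/documents/access/$(phone()))
        && get(/databases/$(database)/documents/access/$(phone())).data.blocked == true;
    }

    // Signed in, token carries a phone number, and that number is not blocked.
    function isAllowedUser() {
      return request.auth != null
        && 'phone_number' in request.auth.token
        && !isBlocked();
    }

    // Overlapping match blocks are OR'ed together: a catch-all
    // /{document=**} rule would also let every non-blocked user write to
    // access/ and unblock any number. The gated rule is therefore scoped
    // to one collection (appData is a hypothetical name), and the block
    // list is left to the Admin SDK, which bypasses rules.
    match /appData/{document=**} {
      allow read, write: if isAllowedUser();
    }

    match /access/{phoneNumber} {
      allow read, write: if false;
    }

    // Public rules carried over unchanged from the question.
    match /globals/{document=**} {
      allow read: if true;
    }

    match /requests/{document=**} {
      allow write: if true;
    }
  }
}
```

Each exists() and get() call counts as a document read for the request being evaluated.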
