Firestore DB的安全规则 [英] Security rules for Firestore DB

问题描述

我正在尝试仅允许用户编写ID等于其电子邮件地址的文档.我似乎无法使该规则生效.我要去哪里错了?用户已通过身份验证，并且在用户帐户上设置了电子邮件地址.

I'm trying to only allow users to write documents where the ID is equal to their email address. I can't seem to get this rule to work. Where am I going wrong? The user is authenticated, and email address is set on the user's account.

规则:

service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow write: if request.auth.email == request.resource.id;
    }
  }
}

致电:

firestore
    .collection('my-document')
    .doc(this.$firebase.auth().currentUser.email)
    .set({
      body: JSON.stringify(object),
      email: this.$firebase.auth().currentUser.email,
      submitted: new Date()
    })
    .then(function (docRef) {
      console.log('Successfully Written to DB.')
    })
    .catch(function (error) {
      that.isSubmitting = false
      console.error('Error adding document: ', error)
    })

错误:

Error adding document:  Error: Missing or insufficient permissions.
    at new FirestoreError (error.js?6b3a:140)
    at eval (webchannel_connection.js?80bc:250)
    at W.eval (webchannel_connection.js?80bc:195)
    at Ab (index.js?0dfd:23)
    at W.g.dispatchEvent (index.js?0dfd:21)
    at Re.Ca (index.js?0dfd:98)
    at ye.g.Oa (index.js?0dfd:86)
    at dd (index.js?0dfd:42)
    at ed (index.js?0dfd:39)
    at ad (index.js?0dfd:37)

推荐答案

结果表明，概要文件详细信息包含在令牌对象中，并且可以按以下方式访问:

Turns out that profile details are contained in the token object, and can be accessed as follows:

request.auth.token.email

这篇关于Firestore DB的安全规则的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！