如何只允许公开访问 firestore 文档的特定字段 [英] How to allow only particular fields of a firestore document to be accessed publicly

问题描述

假设我在 firestore 数据库中有这个结构:

Suppose I have this structure in a firestore database:

collection[
  document: {
    x: 'x',
    y: 'y'
  }
]

而且我已经制定了这个 Firebase 规则:

and I have this firebase rule in place:

service cloud.firestore {
  match /databases/{database}/documents {
    match /collection/{document} {
      allow read: if true;
    }
  }
}

但是这个规则暴露了上面collection中的整个document，我要做的就是只暴露x字段，是吗可能的?谢谢

But this rule exposes the whole document in the above collection, What I want to do is to expose only x field, is it possible? Thanks

推荐答案

你不能.安全规则仅适用于文档级别，因此您无法限制对特定字段的读取访问权限.

You can't. Security rules only work on a document-level basis, so you can't restrict read access to specific fields.

如果您想执行您所建议的操作，您可能需要重构您的数据，以便您的非公开数据位于单独的文档中.您很可能希望通过将您的私人数据放在一个子集合中来做到这一点.所以你可能会得到这样的结果......

If you want to do something like you're suggesting, you'll probably need to restructure your data so that your non-public data is in a separate document. Most likely you'll want to do this by putting your private data in a subcollection. So you might end up with something like this...

collection: [
  document: {
    y: 'y'
    private-collection: [
      document: {
        x: 'x'
      }
    ]
  }
]

然后你会设置你的安全规则，比如:

And then you'd set up your security rules like:

service cloud.firestore {
  match /databases/{database}/documents {
    match /collection/{document} {
      allow read: if true;
      match /private-collection/{otherdoc} {
        allow read: if someOtherRuleThatYouAddHere();
      }
    }
  }
}

这篇关于如何只允许公开访问 firestore 文档的特定字段的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！