Firebase Security&规则,我如何让用户删除自己的数据? [英] Firebase Security & Rules, How can I let users delete their own data?

查看:126
本文介绍了Firebase Security&规则,我如何让用户删除自己的数据?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我在firebase中的数据看起来像这样,在我的web应用程序中,每个访问它的人都通过firebase进行匿名身份验证,并且他们的UID与用户创建的每个帖子一起存储:



< pre $ -KF5N2V_dKD1dMHebUqc:{
note:大家好,
pos:{
lat:40.3628851,
lng:-74.0493175
},
time:1460395853884,
uid:f8cf7863-5607-4e2b-97d7-6a121261466c
},
-KHwyP-tnWNOA3nxzEm4:{
note:hi,
pos:{
lat:37.0947156,
lng :-121.0179501
},
time:1463459362615,
uid:f8cf7863-5607-4e2b-97d7-6a121261466c
}

我希望设置我的firebase规则,以便只有匿名用户才能删除自己的帖子。



到目前为止,我只能在阅读firebase文档后想出这个: 

  {
规则:{ 
.read:auth!= null,
.write:auth!= null,
$ msg:{
.validate :newData.hasChildren(['note','time','uid','pos'])
&& newData.child('note')。isString()&& newData.child('time')。isNumber()
&& newData.child('uid')。isString()&& newData.child('note')。isString()
&& newData.child('pos / lat')。isNumber()&& newData.child('pos / lng')。isNumber()
} 
} 
}


解决方案

您需要将 .write 权限下移并将其绑定到数据: 

  {
rules:{
.read:auth!= null, 
$ msg:{
.write:!data.exists()|| (!newData.exists()& amp; data.child('uid').val()=== auth.uid)
.validate:...
} 
 
 
 
 
 $ b $ p 
 $ b $ p $ Firebase文档的两个部分: 
 
  
My data in firebase looks like this, in my web app everyone who accesses it gets authenticated anonymously via firebase, and their UID is stored with every post the user creates:
  "-KF5N2V_dKD1dMHebUqc" : {
    "note" : "Hello everybody",
    "pos" : {
      "lat" : 40.3628851,
      "lng" : -74.0493175
    },
    "time" : 1460395853884,
    "uid" : "f8cf7863-5607-4e2b-97d7-6a121261466c"
  },
  "-KHwyP-tnWNOA3nxzEm4" : {
    "note" : "hi",
    "pos" : {
      "lat" : 37.0947156,
      "lng" : -121.0179501
    },
    "time" : 1463459362615,
    "uid" : "f8cf7863-5607-4e2b-97d7-6a121261466c"
  }

I want my firebase rules setup so that only anonymous users can delete their through own posts.



So far i was only able to come up with this after reading the firebase documentation:
{
    "rules": {
      ".read": "auth != null",
      ".write": "auth != null",
      "$msg": {
        ".validate": "newData.hasChildren(['note','time','uid','pos']) 
          && newData.child('note').isString() && newData.child('time').isNumber() 
          && newData.child('uid').isString() && newData.child('note').isString()
          && newData.child('pos/lat').isNumber() && newData.child('pos/lng').isNumber()"
      }
    }
}



 解决方案 
You'll need to move the .write permission down and tie it to the data:
{
    "rules": {
      ".read": "auth != null",
      "$msg": {
        ".write": "!data.exists() || (!newData.exists() && data.child('uid').val() === auth.uid)"
        ".validate": "..."
      }
    }
}

It's a bit of mix-and-match from these two sections of the Firebase documentation: 




                        
这篇关于Firebase Security&amp;规则,我如何让用户删除自己的数据?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆