Firebase database rules. Allow when wildcard's child === auth.uid
Problem description
Structure:

    {
      "accounts" : {
        "JGeRgwAUBM..." : {
          "active" : true,
          "created" : 1468406951438,
          "key" : "JGeRgwAUBM..."
        }
      }
    }

Rules:

    {
      "rules": {
        ".read": false,
        ".write": false,
        "accounts": {
          "$uid": {
            ".read": "$uid === auth.uid",
            ".write": "$uid === auth.uid"
          }
        }
      }
    }

Goal: Instead of using the auth.uid as key for the data, I would rather prefer to use the generated key from push().getKey()

    {
      "accounts" : {
        "theKeyIGetFrom: push().getKey()" : {
          "active" : true,
          "created" : 1468406951438,
          "auth_uid" : "JGeRgwAUBM..."
        }
      }
    }

Looking for the rule set for something like this:

    {
      "rules": {
        ".read": false,
        ".write": false,
        "accounts": {
          "$key": {
            ".read": "$key.auth_uid === auth.uid",
            ".write": "$key.auth_uid === auth.uid"
          }
        }
      }
    }

Answer

Answering your question, you will be able to achieve the rules you want with the rules below.

    {
      "rules": {
        "accounts": {
          "$key": {
            ".read": "data.child('auth_uid').val() === auth.uid",
            ".write": "data.child('auth_uid').val() === auth.uid"
          }
        }
      }
    }

But keep in mind that, to retrieve and write data, you would need to already know the $key's, since you won't be able to get any data by accessing /accounts. That's because you don't have read/write rules to access the specific /accounts branch.
If it was in my hands I would prefer going with your current /accounts/uid solution. You would always be easily able to retrieve users' data since you could get the current authenticated user uid.
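
An added example (not part of the original answer): a small JavaScript model of how the answer's rule behaves for reads and writes at /accounts and /accounts/$key, next to an assumed stricter `.write` variant. The uids, push keys and the `hardenedWrite` rule are constructed for illustration, and the model is hand-written, not the Firebase rules engine.

```javascript
// Hand-written model of Realtime Database rule evaluation for this page's rules.
// Not the Firebase rules engine; keys and uids below are constructed samples.
const db = { accounts: { pushKeyA: { active: true, auth_uid: "uid-alice" } } };

// `data` is the value stored before the operation, `newData` the value after it.
const child = (node, name) => (node && name in node ? node[name] : null);

// The answer's rule: data.child('auth_uid').val() === auth.uid
const answerRule = ({ auth, data }) =>
  auth !== null && child(data, "auth_uid") === auth.uid;

// Assumed stricter .write (not from the page), as a rules expression:
//   newData.child('auth_uid').val() === auth.uid &&
//   (!data.exists() || data.child('auth_uid').val() === auth.uid)
const hardenedWrite = ({ auth, data, newData }) =>
  auth !== null &&
  child(newData, "auth_uid") === auth.uid &&
  (data === null || child(data, "auth_uid") === auth.uid);

// Only /accounts/$key carries a rule, so /accounts itself is never granted.
function check(rule, path, auth, newData = null) {
  const parts = path.split("/").filter(Boolean);
  if (parts.length > 2) throw new Error("model covers /accounts and /accounts/$key only");
  if (parts.length < 2 || parts[0] !== "accounts") return false;
  return rule({ auth, data: child(db.accounts, parts[1]), newData });
}

const alice = { uid: "uid-alice" };
const bob = { uid: "uid-bob" };
const bobRecord = { active: true, auth_uid: "uid-bob" };

function demo() {
  return {
    listAll: check(answerRule, "/accounts", alice),             // no rule at /accounts
    ownerRead: check(answerRule, "/accounts/pushKeyA", alice),
    otherRead: check(answerRule, "/accounts/pushKeyA", bob),
    anonRead: check(answerRule, "/accounts/pushKeyA", null),
    // A new key has no stored data yet, so a data-based .write cannot match.
    createWithAnswerRule: check(answerRule, "/accounts/pushKeyB", bob, bobRecord),
    createHardened: check(hardenedWrite, "/accounts/pushKeyB", bob, bobRecord),
    reassignByOther: check(hardenedWrite, "/accounts/pushKeyA", bob, bobRecord),
    ownerUpdate: check(hardenedWrite, "/accounts/pushKeyA", alice,
      { active: false, auth_uid: "uid-alice" }),
  };
}
console.log(demo());
```

Any real rule set should still be verified against the Firebase rules simulator or emulator before deployment, since this model only covers the two path levels shown.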