您的位置: 首页  >  技术问答  >  在Firebase实时数据库中为ChildByAutoID编写规则?

在Firebase实时数据库中为ChildByAutoID编写规则?

分类: 技术问答 2022-04-02 12:17:29

在Firebase实时数据库中为ChildByAutoID编写规则?

问题描述:

JSON:

  "people" : {
    "user uid" : {
      "**Domain** : "aol.com",
      "peopleWhoLike: {
        "-M-vZavBdcpX3SzkvgKN" : "**IrrBgFY9C1ekMmHUkQRzc5LhbDu1**", ////this is autokey: uid of the likeR///
    }
  }

让我们说您想评估IrrBgFY9C1ekMmHUkQRzc5LhbDu1.如果未使用childByAutoID处理他,我将使用以下代码:

Let us say you want to evaluate IrrBgFY9C1ekMmHUkQRzc5LhbDu1. If he were not proceeded by childByAutoID, I'd use this:

,"peopleWhoLike" : {
"$peopleWhoLike_id": {
    ".read": "auth.uid != null",
    ".write": "$peopleWhoLike_id == auth.uid && data.parent().parent().child('domain').val() == data.parent().parent().parent().child(newData.val()).child('domain').val()"
} /////checks domain of like with domain of person he likes, and makes sure only he can write for himself.

如果IrrBgFY9C1ekMmHUkQRzc5LhbDu1站在没有ChildByAutoID的情况下会很好,但是事实并非如此.因此,现在我想我需要使用类似$ ChildByAutoID的名称,但是由于在JSON中未明确定义该名称,因此不确定如何调用它.

This would be fine if IrrBgFY9C1ekMmHUkQRzc5LhbDu1 stood without the ChildByAutoID, however it does not. So now I am thinking I need to use something like $ChildByAutoID, but am not sure what to call it because it is not explicitly defined in the JSON.

我为$变量阅读的安全规则的来源: https://firebase.google.com/docs/database/security/rules-conditions

Source for security rules I read through for $ variables: https://firebase.google.com/docs/database/security/rules-conditions

我要添加另一个专门解决问题规则部分的答案

I am adding another answer that specifically addresses the rules part of the question

目标是仅在该节点中的域与当前用户域节点匹配时才允许写入该人员节点.我不会编写所有规则,但这将是第一步:

The goal is to only allow a write to a people node if the domain in that node matches the current users domain node. I won't write all of the rules but this will be the first step:

结构应为

people
   uid_0
      domain: "aol.com"
   uid_1
      domain: "gmail.com"
users
   uid_2
      domain: "aol.com"
   uid_3
      domain: "aol.com"

规则类似于

{
  "rules": {
    ".read": false,
      ".write": false,
        "people": {
          "$uid": {
            ".read": "auth != null",
            ".write": "root.child('people').child($uid).child('domain').val() === 
                       root.child('users').child(auth.uid).child('domain').val()" 
          }
        }
  }
}

如果位于的值将被允许写入 /people/uid_x/domain =/users/this_uid/domain

The write will be allowed if the value at /people/uid_x/domain = /users/this_uid/domain

使用上述结构,用户uid_2和uid_3可以写到people/uid_0,但不能写到people/uid_1

With the above structure, users uid_2 and uid_3 can write to people/uid_0 but not to people/uid_1

相关推荐