每次Firestore限制写入权限
问题描述:
在firestore安全设置中,您可以设置写入/读取数据的条件.
In the firestore security settings you can set conditions for writing/reading data.
目前我有这件作品:
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read: if request.auth != null && request.time <
resource.data.timeCreated + duration.value(1, 'h');
allow write: if request.auth != null;
}
}
}
现在我想限制写作;用户只能每5分钟发送一次数据.我该如何实现?
Now I want to limit the writing; a user should only be able to send data every 5 minutes. How can I achieve this?
答
没有本机的方法.
对于未经登录的用户,您不能以任何不被忽略的方式使用.不过,您可以使用Cloud Functions为已登录的用户实现此目的.
You cannot for non-signed in users in any way that is not trivially bypassed. You could use Cloud Functions to achieve this for signed in users though.
每个用户都有一个下次可以写的配置文件,以及下一个要写的文档的ID.
Each user has a profile with next time they can write, along with the id of the document to write next.
- 在写入时使用规则检查ID是否不存在,并且> =允许的时间
- 在写入时使用Cloud Functions以新的允许时间和下一次写入的唯一ID更新用户配置文件