Firebase Firestore rules: check whether a record is being inserted or updated
I have set up the following Firestore rules on my Firebase project:
service cloud.firestore {
  match /databases/{database}/documents {
    match /news/{news} {
      allow read: if true;
      allow write: if request.auth != null
        // && (
        //   (resource == null && request.resource.data.author == request.auth.uid) ||
        //   request.auth.uid == resource.data.author == request.resource.data.author ||
        //   get(/users/$(request.auth.uid)).role in ["editor", "admin"]
        // )
        && request.resource.data.keys().hasAll(['title', 'body', 'images', 'tags', 'source', 'web_link', 'created_at', 'updated_at', 'author'])
        && request.resource.data.title is string && request.resource.data.title.size() >= 10 && request.resource.data.title.size() <= 100
        && request.resource.data.body is string && request.resource.data.body.size() >= 300 && request.resource.data.body.size() <= 500
        && request.resource.data.images is list && request.resource.data.images.size() >= 0
        && request.resource.data.tags is list && request.resource.data.tags.size() >= 0
        && request.resource.data.source is string && request.resource.data.source.size() > 0 && request.resource.data.title.size() <= 100
        && request.resource.data.web_link is string && request.resource.data.web_link.size() > 0
        // && request.resource.data.created_at is timestamp
        // && request.resource.data.updated_at is timestamp
      ;
    }
    match /users/{userId} {
      allow read, write: if request.auth.uid == userId || get(/users/$(request.auth.uid)).role == "admin"
    }
    match /{document=**} {
      allow read, write: if false;
    }
  }
}
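The commented-out lines above are not working:
- I need to check whether the resource is being inserted or updated; the resource == null part is not working
- a timestamp is included on create and on update; the is timestamp part is not working
- resource.data.author contains the user's uid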
A write can be broken down into:
- create
- update
- delete
service cloud.firestore {
  match /databases/{database}/documents {
    match /news/{news} {
      //read rules here...
      allow create: if true;
      allow update: if true;
      allow delete: if true;
    }
  }
  //other rules here...
}
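Also, I strongly recommend using where possible.

I was looking through the documentation for the same details, and the following worked for me with a timestamp and fails if I try to send a string (where "lastUpdated" should be swapped for your date property):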
request.resource.data.lastUpdated.date() is timestamp
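
Added example, not part of the original posts: the question's /news rule split into create, update and delete, so the insert case never touches resource and the update case can pin author and created_at. It assumes the client writes created_at and updated_at with a server timestamp (so they equal request.time), that /users/{uid} documents have a role field, and the delete policy is an assumption; only a subset of the question's field checks is repeated.

```firestore
service cloud.firestore {
  match /databases/{database}/documents {
    // Role lookup: get() takes the full document path and fields live under .data.
    function role() {
      return get(/databases/$(database)/documents/users/$(request.auth.uid)).data.role;
    }
    // Shape checks shared by create and update (subset of the question's checks).
    function validNews(d) {
      return d.keys().hasAll(['title', 'body', 'author', 'created_at', 'updated_at'])
        && d.title is string && d.title.size() >= 10 && d.title.size() <= 100
        && d.body is string && d.body.size() >= 300 && d.body.size() <= 500
        && d.created_at is timestamp
        && d.updated_at is timestamp;
    }
    match /news/{news} {
      allow read: if true;
      // Insert: there is no stored document, so only request.resource is checked.
      allow create: if request.auth != null
        && validNews(request.resource.data)
        && request.resource.data.author == request.auth.uid
        && request.resource.data.created_at == request.time
        && request.resource.data.updated_at == request.time;
      // Update: resource is the stored document. Compare pairwise instead of
      // chaining ==, and keep author and created_at immutable.
      allow update: if request.auth != null
        && validNews(request.resource.data)
        && request.resource.data.author == resource.data.author
        && request.resource.data.created_at == resource.data.created_at
        && request.resource.data.updated_at == request.time
        && (resource.data.author == request.auth.uid || role() in ['editor', 'admin']);
      // Delete (assumed policy): the author or an admin.
      allow delete: if request.auth != null
        && (resource.data.author == request.auth.uid || role() == 'admin');
    }
    match /users/{userId} {
      allow read, write: if request.auth != null
        && (request.auth.uid == userId || role() == 'admin');
    }
  }
}
```

Paths not matched by any rule are denied by default, so the question's catch-all deny block is not repeated here.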