Firebase规则，如何允许用户仅查看自己的数据_Firebase_Firebase Realtime Database_Firebase Security

Firebase规则，如何允许用户仅查看自己的数据

firebase

Firebase规则，如何允许用户仅查看自己的数据,firebase,firebase-realtime-database,firebase-security,Firebase,Firebase Realtime Database,Firebase Security,我正在尝试使用一个规则集，允许用户查看自己的数据我当前的规则集是： { "rules": { ".read": "root.child('users').child(auth.uid).child('admin').val() === true", ".write": "root.child('users').child(auth.uid).child('admin').val() === true", "users": { ".indexOn": ["

我正在尝试使用一个规则集，允许用户查看自己的数据

我当前的规则集是：

{
  "rules": {
    ".read": "root.child('users').child(auth.uid).child('admin').val() === true",
    ".write": "root.child('users').child(auth.uid).child('admin').val() === true",
    "users": {
      ".indexOn": ["active"],
      "$user_id": {
        ".read": "$user_id === auth.uid",
        ".write": "$user_id === auth.uid"
      }
    },
    "active_alerts": {
      ".indexOn": "alert_id"
    },
    "trips": {
      ".indexOn": "archive",
      "$trip_id": {
            ".read": "data.child('who_called').child('key').val() === root.child('users').child(auth.uid).child('customer').child('key').val()",
        "notes": {
          "$note_id": {
            ".read": "data.child('display').val() === true"
          }
        }
      }
    }
  }
}

user

路径包含如下数据：

{
  "active" : true,
  "admin" : false,
  "customer" : {
    "key" : "-Ldsu71CgIJxh1DVTTCP",
    "name" : "Demo Customer"
  },
  "email" : "emai@email.com",
  "last_login" : "2019-05-02T18:34:26.466Z",
  "name" : "Demo",
  "primary_phone" : "4197460180",
  "typeahead" : "demo"
}

以及

/trips

中的匹配项：

{
  "airline" : {
    "key" : "195",
    "name" : "AAL"
  },
  "archive" : false,
  "arrival_airport" : {
    "code" : "PHL",
    "icao" : "KPHL",
    "key" : "108",
    "name" : "Philadelphia",
    "timezone" : "America/New_York"
  },
  "bill_to" : {
    "key" : "-LdqFpqAOm-dOl9xBtp2",
    "name" : "AGT Global Logistics "
  },
  "consignee" : {
    "key" : "-LdqHNMzPrP9epp_W-DS",
    "name" : "Exelon Peach Bottom"
  },
  "customer_reference" : "124914",
  "departure_airport" : {
    "code" : "MKE",
    "icao" : "KMKE",
    "key" : "90",
    "name" : "Milwaukee",
    "timezone" : "America/Chicago"
  },
  "last_update" : "2019-05-02T18:02:57.274Z",
  "level" : {
    "key" : "-LWlODaCFUcejExn41Rr",
    "name" : "Next Flight Out"
  },
  "milestones" : [ {
    "airport" : {
      "code" : "MKE",
      "icao" : "KMKE",
      "key" : "90",
      "name" : "Milwaukee",
      "timezone" : "America/Chicago"
    },
    "flight_time" : "2019-05-02T12:33:00.000Z",
    "status" : {
      "key" : "4",
      "name" : "completed"
    },
    "type" : {
      "key" : "0",
      "name" : "Picked up"
    }
  }, {
    "airport" : {
      "code" : "MKE",
      "icao" : "KMKE",
      "key" : "90",
      "name" : "Milwaukee",
      "timezone" : "America/Chicago"
    },
    "flight_time" : "2019-05-02T13:51:00.000Z",
    "status" : {
      "key" : "4",
      "name" : "completed"
    },
    "type" : {
      "key" : "1",
      "name" : "Dropped to departure airport"
    }
  }, {
    "airline" : {
      "key" : "195",
      "name" : "AAL"
    },
    "airport" : {
      "code" : "MKE",
      "icao" : "KMKE",
      "key" : "90",
      "name" : "Milwaukee",
      "timezone" : "America/Chicago"
    },
    "alert_id" : 29624287,
    "flight_number" : "4883",
    "flight_time" : "2019-05-02T16:28:03.000Z",
    "ident" : "PDT4883-1556601968-airline-0144",
    "img_url" : "....",
    "note" : "arrival ~ PDT4883 arrived at PHL from MKE",
    "status" : {
      "key" : "4",
      "name" : "completed"
    },
    "type" : {
      "key" : "2",
      "name" : "Departed Airport"
    }
  }, {
    "airline" : {
      "key" : "195",
      "name" : "AAL"
    },
    "airport" : {
      "code" : "PHL",
      "icao" : "KPHL",
      "key" : "108",
      "name" : "Philadelphia",
      "timezone" : "America/New_York"
    },
    "alert_id" : 29624287,
    "flight_number" : "4883",
    "flight_time" : "2019-05-02T18:02:00.000Z",
    "note" : "arrival ~ PDT4883 arrived at PHL from MKE",
    "status" : {
      "key" : "4",
      "name" : "completed"
    },
    "type" : {
      "key" : "4",
      "name" : "Arrived Airport"
    }
  }, {
    "airport" : {
      "code" : "PHL",
      "icao" : "KPHL",
      "key" : "108",
      "name" : "Philadelphia",
      "timezone" : "America/New_York"
    },
    "flight_time" : "2019-05-02T20:00:00.000Z",
    "status" : {
      "key" : 0,
      "name" : "planned"
    },
    "type" : {
      "key" : "6",
      "name" : "Out for delivery"
    }
  }, {
    "airport" : {
      "code" : "PHL",
      "icao" : "KPHL",
      "key" : "108",
      "name" : "Philadelphia",
      "timezone" : "America/New_York"
    },
    "flight_time" : "2019-05-02T21:30:00.000Z",
    "status" : {
      "key" : 0,
      "name" : "planned"
    },
    "type" : {
      "key" : "7",
      "name" : "Delivered"
    }
  } ],
  "pieces" : [ {
    "description" : "Valves",
    "height" : "11",
    "length" : "27",
    "qty" : "1",
    "units" : {
      "key" : "2",
      "name" : "IN"
    },
    "weight" : "50",
    "weight_units" : {
      "key" : "3",
      "name" : "LBS"
    },
    "width" : "19"
  } ],
  "protect_time" : "2019-05-02T21:30:00.000Z",
  "ready_time" : "2019-05-02T13:00:00.000Z",
  "shipper" : {
    "key" : "-LdqG3I48m662R7ABa5i",
    "name" : "FAIRBANKS MORSE - MKE"
  },
  "trip_id" : "LFC-155676269",
  "trip_notes" : [ {
    "date_time" : "2019-05-02T10:29:43.892Z",
    "display" : true,
    "note" : "delay ~ Philadelphia Intl (PHL) is experiencing all inbound flights being held at their origin due to low clouds"
  }, {
    "date_time" : "2019-05-02T13:05:52.708Z",
    "display" : true,
    "note" : "filed ~ PDT4883 (E145) filed to depart MKE @ Thu (02 May) 16:24 GMT for PHL @ ETA 18:09 GMT (02 May)  (UECKR5 SAMPL ADIME GERBS J146 CXR EWC JST BOJID2)"
  }, {
    "date_time" : "2019-05-02T14:51:00.000Z",
    "display" : true,
    "note" : "Shipment has been manifested onto flight AA4883 - TC"
  }, {
    "date_time" : "2019-05-02T16:28:31.325Z",
    "display" : true,
    "note" : "departure ~ PDT4883 (E145) departed MKE @ 16:28 GMT for PHL ETA 18:13 GMT"
  }, {
    "date_time" : "2019-05-02T18:02:57.274Z",
    "display" : true,
    "note" : "arrival ~ PDT4883 arrived at PHL from MKE"
  } ],
  "who_called" : {
    "key" : "-Ldsu71CgIJxh1DVTTCP",
    "name" : "Demo Customer"
  }
}

如您所见，customer.key和who_称为key匹配，但用户仍然无法看到数据。我不确定我在整个规则集中做错了什么。谢谢你的帮助

要允许用户查看他们添加的行程，请使用以下命令：

"trips": {
  ".indexOn": "archive",
  ".read": "auth.uid != null && query.orderByChild == 'who_called/key' &&
        query.equalTo == root.child('users/' + auth.uid + '/customer/key').val()",
  "$trip_id": {
        ".read": "data.child('who_called').child('key').val() === root.child('users').child(auth.uid).child('customer').child('key').val()",
    "notes": {
      "$note_id": {
        ".read": "data.child('display').val() === true"
      }
    }
  }
}

唯一的限制是，如果不使用规则中指定的查询，则无法访问用户的行程。这意味着你不能像这样访问旅行

"trips": {
  ".indexOn": "archive",
  ".read": "auth.uid != null && query.orderByChild == 'who_called/key' &&
        query.equalTo == root.child('users/' + auth.uid + '/customer/key').val()",
  "$trip_id": {
        ".read": "data.child('who_called').child('key').val() === root.child('users').child(auth.uid).child('customer').child('key').val()",
    "notes": {
      "$note_id": {
        ".read": "data.child('display').val() === true"
      }
    }
  }
}

firebase.database（）.ref（'users/USERID/customer/-Ldsu71CgIJxh1DVTTCP）

必须像这样做

firebase.database().ref('trips').orderByChild('who_called/key')
.equalTo('-Ldsu71CgIJxh1DVTTCP')

我试过了，效果很好。希望有帮助

您能发布更多代码吗？我看不出规则有什么问题。HM您在firebase服务旁边运行的是什么框架？请包括您用来测试此功能的代码。@sandra willford您试图访问哪些数据？使用您当前的规则，用户无法看到他们调用的所有行程，但可以看到他们调用的单个行程。。。。。如果这有道理的话。指定您试图访问的数据将有助于我们帮助您