Fatal编程技术网
  • firebase/
  • Firebase云数据库规则-如何仅在用户id与对象中的密钥匹配的情况下检索数据?

Firebase云数据库规则-如何仅在用户id与对象中的密钥匹配的情况下检索数据?

firebase flutter google-cloud-firestore

Firebase云数据库规则-如何仅在用户id与对象中的密钥匹配的情况下检索数据?,firebase,flutter,google-cloud-firestore,firebase-security,Firebase,Flutter,Google Cloud Firestore,Firebase Security,是否有一种方法可以使用firebase规则检索具有特定“userID”值的所有项目。我试着阅读了所有的规则,并提出了这个规则,但它们不起作用: 我只想读取数据库中与auth.uid==userID匹配的文档 rules_version = '2'; service cloud.firestore { match /databases/{database}/documents { // Allow public read access, but only content owne

是否有一种方法可以使用firebase规则检索具有特定“userID”值的所有项目。我试着阅读了所有的规则,并提出了这个规则,但它们不起作用: 我只想读取数据库中与auth.uid==userID匹配的文档

rules_version = '2';
service cloud.firestore {
    match /databases/{database}/documents {

    // Allow public read access, but only content owners can write
    match /debtors/{userID}/{documents=**} {

      allow read: if request.auth.uid != null && request.auth.uid == userID;
      allow create: if request.auth.uid != null;
      allow update, delete: if request.auth.uid != null && request.auth.uid == userID;;
    }
  }
}
我收集了以下对象:

{firstname: "Aacis"
relation: "friend"
userID: "7ScK2T0T3SMUR1NJxjiCiRzTnm62"}
以颤振方式获取流:

stream: Firestore.instance
            .collection("debtors")
            .where("userID", isEqualTo: user.uid)
            .snapshots()
您是否将
auth.uid
设置为文档id,以及名为
userID
的对象键

Firestore.instance.collection("debtors").doc("7ScK2T0T3SMUR1NJxjiCiRzTnm62").set({
    firstname: "Aacis",
    relation: "friend",
    userID: "7ScK2T0T3SMUR1NJxjiCiRzTnm62"
})
如果只允许onwer读取访问,则应设置
allow read:If request.auth.uid!=null&&request.auth.uid==userID

如果要读取与auth.uid==resource.data.userID匹配的文档,则应设置
allow read:If request.auth.uid!=null&&request.auth.uid=resource.data.userID

如果要允许公共读取访问,则应设置
allow read:If true

此外,读取规则可以分为get和list


service cloud.firestore {
  match /databases/{database}/documents {
    // A read rule can be divided into get and list rules
    match /cities/{city} {
      // Applies to single document read requests
      allow get: if <condition>;

      // Applies to queries and collection read requests
      allow list: if <condition>;
    }

    // A write rule can be divided into create, update, and delete rules
    match /cities/{city} {
      // Applies to writes to nonexistent documents
      allow create: if <condition>;

      // Applies to writes to existing documents
      allow update: if <condition>;

      // Applies to delete operations
      allow delete: if <condition>;
    }
  }
}


因此,您没有将
auth.uid
设置为文档id,并且文档中名为
userID
的存储值与
auth.uid
匹配,您应该使用
resource.data.userID
request.resource.data.userID

请尝试以下代码


rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    match /debtors/{document=**} {

      allow read: if request.auth.uid != null && request.auth.uid == resource.data.userID;
      allow create: if request.auth.uid != null && request.auth.uid == request.resource.data.userID;
      allow update, delete: if request.auth.uid != null && request.auth.uid == resource.data.userID;
    }
  }
}


resource变量引用请求的文档,resource.data是文档中存储的所有字段和值的映射。有关资源变量的更多信息,请参阅参考文档

写入数据时,可能需要将传入数据与现有数据进行比较。在这种情况下,如果规则集允许挂起写入,则request.resource变量包含文档的未来状态。对于仅修改文档字段子集的更新操作,request.resource变量将包含操作后的挂起文档状态。您可以检查request.resource中的字段值,以防止不必要或不一致的数据更新:

见:


    

  • 

  • 

  • 

是否将
auth.uid
设置为文档id和名为
userID
的对象键


Firestore.instance.collection("debtors").doc("7ScK2T0T3SMUR1NJxjiCiRzTnm62").set({
    firstname: "Aacis",
    relation: "friend",
    userID: "7ScK2T0T3SMUR1NJxjiCiRzTnm62"
})


如果只允许onwer读取访问,则应设置
allow read:If request.auth.uid!=null&&request.auth.uid==userID

如果要读取与auth.uid==resource.data.userID匹配的文档,则应设置
allow read:If request.auth.uid!=null&&request.auth.uid=resource.data.userID

如果要允许公共读取访问,则应设置
allow read:If true

此外,读取规则可以分为get和list


service cloud.firestore {
  match /databases/{database}/documents {
    // A read rule can be divided into get and list rules
    match /cities/{city} {
      // Applies to single document read requests
      allow get: if <condition>;

      // Applies to queries and collection read requests
      allow list: if <condition>;
    }

    // A write rule can be divided into create, update, and delete rules
    match /cities/{city} {
      // Applies to writes to nonexistent documents
      allow create: if <condition>;

      // Applies to writes to existing documents
      allow update: if <condition>;

      // Applies to delete operations
      allow delete: if <condition>;
    }
  }
}


因此,您没有将
auth.uid
设置为文档id,并且文档中名为
userID
的存储值与
auth.uid
匹配,您应该使用
resource.data.userID
request.resource.data.userID

请尝试以下代码


rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    match /debtors/{document=**} {

      allow read: if request.auth.uid != null && request.auth.uid == resource.data.userID;
      allow create: if request.auth.uid != null && request.auth.uid == request.resource.data.userID;
      allow update, delete: if request.auth.uid != null && request.auth.uid == resource.data.userID;
    }
  }
}


resource变量引用请求的文档,resource.data是文档中存储的所有字段和值的映射。有关资源变量的更多信息,请参阅参考文档

写入数据时,可能需要将传入数据与现有数据进行比较。在这种情况下,如果规则集允许挂起写入,则request.resource变量包含文档的未来状态。对于仅修改文档字段子集的更新操作,request.resource变量将包含操作后的挂起文档状态。您可以检查request.resource中的字段值,以防止不必要或不一致的数据更新:

见:


    

  • 

  • 

  • 

我没有将auth.uid设置为文档id,因为我需要多个文档。。我只设置了userID:as auth.uidI没有将auth.uid设置为文档id,因为我需要多个文档。。我只将userID设置为auth.uid