Javascript 创建的Firestore安全规则空值错误
我有以下安全规则:Javascript 创建的Firestore安全规则空值错误,javascript,firebase,google-cloud-firestore,firebase-security,Javascript,Firebase,Google Cloud Firestore,Firebase Security,我有以下安全规则: rules_version = '2'; service cloud.firestore { match /databases/{database}/documents { function no_write(field) { return (!(field in request.resource.data) && !(field in resource.data)) || (field in request.resou
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
function no_write(field) {
return (!(field in request.resource.data) && !(field in resource.data))
|| (field in request.resource.data && field in resource.data && resource.data[field] == request.resource.data[field]);
}
function create_by_owner(field) {
return (!(field in request.resource.data) && !(field in resource.data)) || ((field in request.resource.data) && !(field in resource.data))
|| (field in request.resource.data && field in resource.data && resource.data[field] == request.resource.data[field]);
}
match /ll_profile/{user_id} {
allow read: if true;
allow write: if request.auth != null && user_id == request.auth.uid
&& no_write("last_changed") && create_by_owner("native_language");
}
}
}
no_write
函数限制要修改的字段。而create\u by\u owner
只允许创建字段,如果该字段已经存在,则无法进行修改。但是当我运行这个单元测试时:
it("succeed to write to my own document authenticated displayed_name field", async () => {
const db = get_firestore(my_auth);
const testDoc = db.collection(collection).doc(my_id);
await firebase.assertSucceeds(testDoc.set({displayed_name: "123"}, {merge: true}));
})
它给我一个
Null值错误。对于'create'@L30
,我没有限制显示的\u name字段的写入权限。我的规则的哪一部分限制了这种写访问?您会得到一个空值错误,因为资源
在创建
上不存在
如果需要在规则中使用resource.data
,则必须在create
和update
中拆分写入