问题描述
我遵循。
我有这个简单的结构:
pre $ - 请求
- request_id:{...}
- request_id:{...}
...
和我的安全规则:
{
rules :{
requests:{$ b $.indexOn:[id_company_owner,id_app_user],
$ request_id:{
/ /只有最后十分钟的请求才能被读取
.read:data.child('timestamp').val()>(now - 600000),
}
}
}
}
使我的请求可读。但是我已经到了$ request_id的内部(而不是外部),但没有请求被读取;即使请求的时间不到10分钟以前。有人能解释为什么吗?
如果不查看实际数据,很难说明问题,但Firebase安全规则是全部或全无。 Firebase安全规则不要过滤数据。
也就是说,如果您尝试将侦听器附加到 / requests
,甚至单个项目由于安全规则而不允许被读取,它们都不能被读取。您需要监听单个项目或重新构建数据,以完成此过滤行为。
I'm following the Firebase security tutorial.
I have this simple structure:
- requests
- request_id: {...}
- request_id: {...}
...
And my security rules:
{
"rules": {
"requests": {
".indexOn": ["id_company_owner", "id_app_user"],
"$request_id": {
// only request from the last ten minutes can be read
".read": "data.child('timestamp').val() > (now - 600000)",
}
}
}
}
All I want right now with my rule is to make my request readable. But I've to this inside (not outside) of $request_id, but no request is being readable; even if the request have the timestamp with less than 10 minutes ago. Can someone explain why?
It's hard to tell without looking at the actual data, but Firebase security rules are all-or-nothing. Firebase security rules do not filter data.
That is, if you attempted to attach a listener to /requests
, and even a single item is not allowed to be read due to a security rule, none of them can be read. You'll need to listen for individual items, or restructure your data, to accomplish this "filtering" behavior.
这篇关于Firebase规则不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!