问题描述

我在Firestore集合中有以下结构的称为清单"的文档:

I have documents in firestore collection called 'inventories' of the following structure:

{
    creator: string,
    images: string[],
}

创建者字段是创建文档的用户的uid.

the creator field is the uid of the user who created the document.

在"firestore规则"部分中，我具有以下规则:

In my firestore rules section I have the following rules:

service cloud.firestore {
   match /databases/{database}/documents {
     match /inventories/{inventoryid} {
       allow read, write: if request.auth.id == resource.data.creator;
     }
   }
 }

在离子应用程序中，我执行以下操作:

In my ionic application I do the following:

this.inventoryCollection = database.collection<Inventory[]>
    ('inventories', ref => ref.where('creator', '==', auth.currentUserId));

执行此操作时出现以下错误:

I get the following error when this executes:

Missing or insufficient permissions.

有人可以看到我在做什么错吗?我的规则有问题吗?还是我的代码调用了Firestore的问题?

Can anyone see what I am doing wrong? Is it a problem with my rules? Or is it a problem with my code calling the firestore?

推荐答案

您应该使用 request.auth.uid 而不是 request.auth.id ，请参见 https://firebase.google.com/docs/reference/rules/Rules.firestore.Request#auth

You should use request.auth.uid instead of request.auth.id, see https://firebase.google.com/docs/reference/rules/rules.firestore.Request#auth

此外，您应将规则分为两个子规则"，如下所示:

Also, you should divide your rules in two "sub-rules", as follows:

service cloud.firestore {
   match /databases/{database}/documents {
     match /inventories/{inventoryid} {
       allow read: if request.auth.id == resource.data.creator;
       allow write: if request.auth.id == request.resource.data.creator;
     }
   }
 }

请注意在 write 规则中使用 request.resource .

以下有关Firestore安全规则的官方视频对此进行了很好的解释: https://www.youtube.com/watch?v=eW5MdE3ZcAw

This is very well explained in the official following video about Firestore Security Rules: https://www.youtube.com/watch?v=eW5MdE3ZcAw

这篇关于Firestore安全规则权限问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！