问题描述
我试图让存储笔记对象火力地堡,以确保可将笔记阅读与写作者的用户安全规则的简单测试。
I am trying to make a simple test of storing notes objects in Firebase, with user security rules that ensure the notes can be read and write only to the author.
下面是存储在火力的数据看起来是这样的:
Here is what the data stored in firebase looks like:
my_firebase_db
- notes
- K835Tw_H28XXb-Sj4b
- text: "note 1 from author 1",
- user_id: "11b09925-534b-4955-ac55-3e234809432f"
- K835Tw_H28XXb-Sj4b
- text: "note 1 from author 2",
- user_id: "11b09925-534b-4955-ac55-4d223893382c"
- K835Tw_H28XXb-Sj4b
- text: "note 2 from author 2",
- user_id: "11b09925-534b-4955-ac55-4d223893382c"
角code(AngularFire)的认证与自定义标记,加载注释和方法,用户可以添加备注:
Angular code (AngularFire) that authenticates the user with a custom token, load notes and method to add a note:
var ref = new Firebase("https://xxx.firebaseio.com");
// Authenticate users with a custom authentication token
$firebaseAuth(ref).$authWithCustomToken(data.token).then(function(authData) {
console.log("Logged in as:", authData.uid);
$scope.user_id = authData.uid;
}).catch(function(error) {
console.error("Authentication failed:", error);
});
// Load notes
$scope.notes = $firebaseArray(ref.child('notes'));
$scope.addNote = function() {
note = {
user_id: $scope.user_id,
text: $scope.newNote.text
};
$scope.notes.$add(note);
};
安全性与;规则设置在火力地堡:
Security & rules setup in Firebase:
{
"rules": {
"notes": {
".read": "auth != null && data.child('user_id').val() === auth.uid",
".write": "auth != null && newData.child('user_id').val() === auth.uid"
}
}
}
使用这些规则,阅读和放大器;写是不允许的。
With these rules, read & write is not allowed.
如果我改变规则,这样做,则读取和放大器;写允许(但笔者可以阅读大家的注意事项):
If I change the rules to this, then read & write are allowed (but authors can read everybody's notes):
{
"rules": {
"notes": {
".read": "auth != null",
".write": "auth != null"
}
}
}
我怎么能写一个火力点安全规则,将允许授权用户阅读和放大器;写自己的笔记?
How can I write a security rule in firebase that will allow the authenticated user to read & write their own notes?
推荐答案
原来答案在这里:的。
这篇关于如何允许读/写对象仅与火力地堡身份验证的用户?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!