本文介绍了Firebase如何为树中深2级随机ID的孩子编写安全规则的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我有一个名为(people)的数据库节点,如下所示:

I have a database node called (people) that looks like this:

    people
    |
    |
    -------UserID1 //which is a random id
    |       |
    |       |
    |        ----UserId2 //which is a random id
    |            |
    |            |
    |            name:"some_name"
    |            id:"UserId2"
    |            image:"image_url" 
    |
    | 
    |
    -------UserId2
            |
            |
             ----UserId3
                 |
                 |
                 name:"some_name"
                 id:"UserId3"
                 image:"image_url"  

如果我们查看(people/UserID1/UserId2)节点:

由于UserId1和UserId2是2个随机ID,所以如果我们要向UserId2写入规则,我们会注意到它的深度是2个随机ID.

Since UserId1 and UserId2 are 2 random ids, then if we want to write a rule to UserId2 we will notice that it is 2 random id level deep.

我要在此指定的路径上写一条规则,说明以下内容:

What I want is to write a rule at this specified path that says these:

1)people/UserId1:可以由(UserID1)和(UserId2)编写.

1) people / UserId1 : can be written by (UserID1) and (UserId2).

2)people/UserId1:可由(UserID1)和(UserId2)读取.

2) people / UserId1 : can be read by (UserID1) and (UserId2).

3)people/UserId1/UserId2:必须以带有(名称,id,图像)的newData结尾.

3) people / UserId1 / UserId2 : must end up with a newData that has (name, id, image).

我该怎么做?

谢谢.

推荐答案

由于Firebase实时数据库规则级联进入更深的键,不建议允许people/UserId1UserId2写入,因为这将允许UserId2对存储在类似于people/UserId1/UserId3.

Due to the way Firebase Realtime Database rules cascade into deeper keys, allowing people/UserId1 to be writable by UserId2 is not advised, as this would allow UserId2 write access to the data of other users stored under people/UserId1 like people/UserId1/UserId3.

但是使用此特征,我们可以添加"允许阅读和使用的用户.随着我们对数据结构的深入了解,将获得写权限.

But using this trait, we can "add" users that are allowed read & write permissions as we go deeper into the data structure.

所以新的条件是:

  • people/UserId1-UserId1已读取&写访问权限
  • people/UserId1/UserId2-UserId2已读取&写访问权限
  • people/UserId1/UserId2-必须始终包含名称","id"和图像"键
  • people/UserId1/UserId3-UserId2无法读取/写入
  • people/UserId1 - UserId1 has read & write access
  • people/UserId1/UserId2 - UserId2 has read & write access
  • people/UserId1/UserId2 - must always contain 'name', 'id' and 'image' keys
  • people/UserId1/UserId3 - cannot be read/written by UserId2
{
"rules": {
  "people": {
    "$userId1": {
      "$userId2": {
        ".read": "auth.uid == $userId2", // add $userId2 to those granted read permission, cascades into deeper keys
        ".write": "auth.uid == $userId2", // add $userId2 to those granted write permission, cascades into deeper keys
        ".validate": "newData.hasChildren(['name', 'id', 'image'])" // any new data must have 'name', 'id' and 'image' fields.
      },
      ".read": "auth.uid == $userId1", // add $userId1 to those granted read permission, cascades into deeper keys
      ".write": "auth.uid == $userId1" // add $userId1 to those granted write permission, cascades into deeper keys
    }
  }
}

最后,如果还要求people/UserId1/UserId2/id等于UserId2,则可以更改".validate"规则以强制执行此操作:

Lastly, if it is also required that people/UserId1/UserId2/id is equal to UserId2, you can change the ".validate" rule to enforce this:

".validate": "newData.hasChildren(['name', 'id', 'image']) && newData.child('id').val() == $userId2" // any new data must have 'name', 'id' and 'image' fields and 'id' must have a value of $userId2

这篇关于Firebase如何为树中深2级随机ID的孩子编写安全规则的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

10-27 15:07