问题
When a user signs up and they initialise their data in firestore, I want to validate that they aren't attempting to set their role (i.e. so they're not setting it to 'admin' for example).
I tried to write this:
match /users/{userId} {
allow create: if (signedInAs(userId) && !request.resource.data.role) || isAdmin();
...
...but I just see "Property role is undefined on object."
Is there a way to do this safely? Or does this mean I should always be initialising expected fields, even if it's just to the empty string? That doesn't seem to quite fit with the philosophy of NoSQL?
回答1:
Use the in operator to find out if a property of an object doesn't exist.
!("role" in request.resource.data)
This yields a boolean. See it in the rules API docs for the Map type.
来源:https://stackoverflow.com/questions/53458413/firestore-security-rules-how-to-validate-that-a-field-is-undefined