问题
I am trying to write some rules on my DB that prevent the user from writing unless they are authenticated with a provider other than 'anonymous'. This is the rule that I have but for some reason it works when im logged in with facebook but not with email/password; I get a permission denied error. PS the email/pwd user was created before the upgraded SDK. Any thoughts why this is not working?
"updates": {
".read": "auth !== null",
".write": "auth !== null && auth.provider !== 'anonymous'",
"$location_id": {
".indexOn": "validFrom",
"$update_id": {
".validate": "newData.hasChildren(['displayName', 'place_id', 'name', 'statusValueId', 'update_id', 'user_id', 'validFrom', 'votes'])"
}
}
},
回答1:
The best way to check why this is not working is using the simulator in the firebase console.
You can find it in Database>Rules>Simulator (top-right corner)
- Select Write in the radio button
- Select the toggle "Authenticated", select the provider you want to test and write in "Auth token payload" your user's token
- Write in "Location" the path to your reference
- Paste in "Data (JSON)" the JSON object you want to write
- Click run and firebase will tell you which rule fails
回答2:
I suspect that you are hitting the same bug as me, where auth.provider is equal to anonymous for email/password authentication instead of password. Sadly, I haven't yet received an answer from the Firebase team.
auth.provider is not set to 'password' when user signs-in with email and password
Update: I received some great help in the Google groups page of Firebase. They confirmed the bug and provided a workaround. See the link below:
https://groups.google.com/d/topic/firebase-talk/C-ljg-CCKl0/discussion
来源:https://stackoverflow.com/questions/37900382/firebase-auth-rules-working-for-facebook-provider-but-not-email-pwd