Using Firebase RuleDataSnapshot Methods to access user data

问题

If I have data like this:

        root{
           PrivateRooms{
             <PrivateRoomName>{
               ...
             }
           }
           users{
             <uid>{
               permissionFrom{
                   <PrivateRoomName>:value is not private room name 
               }
                ...
             }
           }
         }

...how do I write rules to grant access to < PrivateRoomName > based on the user's permissionFrom children?

I thought this would work:

{
  "rules": {
    "PrivateRooms" : {
      "$roomName":{
        ".read" : "root.child('users').child(auth.uid).child('permissionFrom').hasChild('$roomName') == true",
        ".write" : "root.child('users').child(auth.uid).child('permissionFrom').hasChild('$roomName') == true"
      }
    },
    "users" : {
      ".read" : true,
      ".write" : true
    }
  }
}

...but something must be wrong with the rules as this data snapshot is skipped over:

var testRef = new Firebase('https://my.firebaseio.com/privateRooms/<privateRoomName>/privRoomChild');
testRef.once("value", function(snapshot){
    var testVal = snapshot.val();
    console.log(testVal);
});

回答1:

In your rules, $roomName is a variable, so it should not be wrapped in quotes.

  "$roomName":{
    ".read" : "root.child('users').child(auth.uid).child('permissionFrom').hasChild($roomName)",
    ".write" : "root.child('users').child(auth.uid).child('permissionFrom').hasChild($roomName)"
  }

来源：https://stackoverflow.com/questions/33087702/using-firebase-ruledatasnapshot-methods-to-access-user-data

标签

firebase

firebase-security

易学教程内所有资源均来自网络或用户发布的内容，如有违反法律规定的内容欢迎反馈！
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!