防止著作根据firebase中的用户类型记录吗？

发布于 2025-01-25 18:29:05 字数 324 浏览 2 评论 0 原文

我有一个在此集合中共享的集合，我将拥有一个文档，该文档将用作管理员和客户之间的联系（因此客户可以推动其在线状态，因此管理员也是如此），我想制定的是一个安全规则管理员仅修改他的提交（Onlineadmin：true）

和客户端仅修改其文档（OnlineClients：{clientId：true}）。可以使用规则完成吗？如果是这样，如何将写作限制为每个用户类型，并且取决于在这种情况下的内容？

doc model

原文

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

攒眉千度 2025-02-01 18:29:05

是的，这是完全可能的，并且在。从那里有这些示例规则，以定义Firestore文档中的角色时：

service cloud.firestore {
  match /databases/{database}/documents {
    // For attribute-based access control, Check a boolean `admin` attribute
    allow write: if get(/databases/$(database)/documents/users/$(request.auth.uid)).data.admin == true;
    allow read: true;

    // Alterntatively, for role-based access, assign specific roles to users
    match /some_collection/{document} {
     allow read: if get(/databases/$(database)/documents/users/$(request.auth.uid)).data.role == "Reader"
     allow write: if get(/databases/$(database)/documents/users/$(request.auth.uid)).data.role == "Writer"
   }
  }
}

以及定义自定义属性中的角色时的这些规则：

service cloud.firestore {
  match /databases/{database}/documents {
    // For attribute-based access control, check for an admin claim
    allow write: if request.auth.token.admin == true;
    allow read: true;

    // Alterntatively, for role-based access, assign specific roles to users
    match /some_collection/{document} {
     allow read: if request.auth.token.reader == "true";
     allow write: if request.auth.token.writer == "true";
   }
  }
}

我还建议从该主题的Firebase专家查看此视频：

Yup, that is totally possible and covered quite well in the Firebase documentation on role based access control. From there come these example rules for when you define the roles in Firestore documents:

service cloud.firestore {
  match /databases/{database}/documents {
    // For attribute-based access control, Check a boolean `admin` attribute
    allow write: if get(/databases/$(database)/documents/users/$(request.auth.uid)).data.admin == true;
    allow read: true;

    // Alterntatively, for role-based access, assign specific roles to users
    match /some_collection/{document} {
     allow read: if get(/databases/$(database)/documents/users/$(request.auth.uid)).data.role == "Reader"
     allow write: if get(/databases/$(database)/documents/users/$(request.auth.uid)).data.role == "Writer"
   }
  }
}

And these rules for when you define the roles in custom attributes:

service cloud.firestore {
  match /databases/{database}/documents {
    // For attribute-based access control, check for an admin claim
    allow write: if request.auth.token.admin == true;
    allow read: true;

    // Alterntatively, for role-based access, assign specific roles to users
    match /some_collection/{document} {
     allow read: if request.auth.token.reader == "true";
     allow write: if request.auth.token.writer == "true";
   }
  }
}

I also recommend checking out this video from a Firebase expert on the topic: Implementing Authorization Models

回复收藏 0 原文

~没有更多了~