解决对燃烧规则的许可
我有3个Firestore收藏,发票,客户和Infos。我编写了以下规则以允许在用户身份验证的情况下允许在Firestore中读写。
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth != null;
}
}
}
我只想将此规则应用于Invoices和客户端 collections。对于Infos,每个人都应该能够从集合中读取和写入而无需认证。我试图按以下方式更改规则:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth != null;
}
}
match /databases/{database}/documents {
match /Infos {
allow read, write: if true;
}
}
}
但是,当我尝试从Infos读取数据而未经过身份验证时,我仍然会获得权限拒绝错误。
I have 3 Firestore collections, Invoices, Clients, and Infos. I wrote the following rule to allow read and write in Firestore only if the user is authenticated.
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth != null;
}
}
}
I want to apply this rule only to the Invoices and Clients collections. For Infos, everyone should be able to read and write from the collection without authentication. I tried to change the rule as follows:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth != null;
}
}
match /databases/{database}/documents {
match /Infos {
allow read, write: if true;
}
}
}
But I still get a permission denied error when I try to read data from Infos without being authenticated.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
以下规则应该解决问题:
对于
发票和客户端集合,您将能够读取并写入文档中的用户仅如果对它们进行身份验证,而对于Infos集合,则每个人都可以做到这一点,无论是否经过身份验证。The following rules should do the trick:
For the
InvoicesandClientscollection, the users you'll be able to read and write into the documents only if they are authenticated, while for theInfoscollection, everybody will be able to do that, no matter if it's authenticated or not.