我如何设置壁炉安全规则
我正在使用Firebase实时数据库。我有一个应用程序,用户可以在主页上共享帖子,评论并喜欢帖子,互相分数和评论,并互相发送消息。用户通过注册输入应用程序。有邮件验证要求。我的应用程序正在获取大量数据下载。我想这是因为没有安全规则。 如何设置此应用程序的安全规则?
我的数据库参考名称:
Post
PostLikes
PostComment
PostCommentLikes
PostCategory
PostFollow
OnlineUsers
Users
UsersPost
UsersFriendsList
UsersContact
UsersProfileComments
UsersRatings
UsersNotifications
NotificationsSeens
BlockedUsersList
Tokens
Lastmessage
message
PremiumAccountHolders
现在是我的规则:
{
"rules": {
".read": true,
".write": true
}
}
当我这样做时,主页将打开,但是当我按排行榜类(ref name usersratings)时,应用程序关闭。它说您无权访问。 :
{
"rules": {
"users": {
"$uid": {
".read": "$uid === auth.uid",
".write": "$uid === auth.uid"
}
}
}
}
- update-关闭错误:
Fatal Exception: com.google.firebase.database.DatabaseException
Firebase Database error: Permission denied
com.google.firebase.database.DatabaseError.toException (DatabaseError.java:230)
com.**.**.ScorBoard$3.onCancelled (ScorBoard.java:141)
com.google.firebase.database.core.ValueEventRegistration.fireCancelEvent (ValueEventRegistration.java:80)
com.google.firebase.database.core.view.CancelEvent.fire (CancelEvent.java:40)
com.google.firebase.database.core.view.EventRaiser$1.run (EventRaiser.java:55)
android.os.Handler.handleCallback (Handler.java:883)
android.os.Handler.dispatchMessage (Handler.java:100)
android.os.Looper.loop (Looper.java:237)
android.app.ActivityThread.main (ActivityThread.java:8167)
java.lang.reflect.Method.invoke (Method.java)
com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run (RuntimeInit.java:496)
com.android.internal.os.ZygoteInit.main (ZygoteInit.java:1100)
---更新---示例关闭Scorboard(learderboard)类:
mAuth = FirebaseAuth.getInstance();
currentUserID = mAuth.getCurrentUser().getUid();
UsersRef = FirebaseDatabase.getInstance().getReference().child("Users");
RatingsRef = FirebaseDatabase.getInstance().getReference().child("Ratings");
RatingsRef.keepSynced(false);
RatingsRef.child(currentUserID).child("Ratings").addListenerForSingleValueEvent(new ValueEventListener() {
@Override
public void onDataChange(DataSnapshot dataSnapshot) {
double sum = 0.0;
try {
for (DataSnapshot ds: dataSnapshot.getChildren()) {
Map<String,Object> map = (Map<String, Object>) ds.getValue();
Object rating = map.get("rating");
Double pvalue = Double.parseDouble(String.valueOf(rating));
sum += pvalue;
Map messageTextBody2 = new HashMap();
messageTextBody2.put("point", sum);
RatingsRef.child(currentUserID).updateChildren(messageTextBody2);
}
}catch (Exception e){
}
}
@Override
public void onCancelled(DatabaseError databaseError) {
throw databaseError.toException(); // don't ignore errors
}
});
getScor();
public void getScor(){
FirebaseRecyclerOptions<Comments> options =
new FirebaseRecyclerOptions.Builder<Comments>()
.setQuery(RatingsRef.orderByChild("point").limitToLast(currentpage * total_ITEMS),Comments.class)
.build();
FirebaseRecyclerAdapter<Comments,ScorViewHolder> adapter
=new FirebaseRecyclerAdapter<Comments, ScorViewHolder>(options)
{
@Override
protected void onBindViewHolder(@NonNull final ScorBoard.ScorViewHolder holder, int position, @NonNull Comments model) {
final String visit_user_id = getRef(position).getKey();
scorprog.setVisibility(View.GONE);
holder.mView.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
Intent intent = new Intent(context,ProfileClick.class);
intent.putExtra("visit_user_id",visit_user_id);
startActivity(intent);
}
});
UsersRef.child(visit_user_id).addListenerForSingleValueEvent(new ValueEventListener() {
@Override
public void onDataChange(@NonNull DataSnapshot dataSnapshot) {
if (dataSnapshot.hasChild("name")){
final String myUsername = dataSnapshot.child("name").getValue().toString();
holder.userName.setText(myUsername);
}
}
@Override
public void onCancelled(@NonNull DatabaseError databaseError) {
}
});
RatingsRef.child(visit_user_id).addListenerForSingleValueEvent(new ValueEventListener() {
@Override
public void onDataChange(@NonNull DataSnapshot dataSnapshot) {
if (dataSnapshot.hasChild("point")){
final String myPoint = dataSnapshot.child("point").getValue().toString();
holder.userPoint.setText(myPoint+" "+"Point");
}else {
holder.userPoint.setText("0 Point");
}
}
@Override
public void onCancelled(@NonNull DatabaseError databaseError) {
}
});
}
@NonNull
@Override
public ScorBoard.ScorViewHolder onCreateViewHolder(@NonNull ViewGroup viewGroup, int i) {
View view = LayoutInflater.from(viewGroup.getContext()).inflate(R.layout.scorboard_model_layout,viewGroup,false);
ScorBoard.ScorViewHolder viewHolder = new ScorBoard.ScorViewHolder(view);
return viewHolder;
}
};
adapter.startListening();
scorreflesh.setRefreshing(false);
scorrecy.setAdapter(adapter);
}
I am using firebase real time database. I have an application where users can share posts on the homepage, comment and like on posts, give each other points and comments, and message each other. Users enter the application by registering. There is a mail verification requirement. My app is getting a lot of data downloads. I guess it's because there are no security rules.
How do I set the security rules of this application?
My database ref names:
Post
PostLikes
PostComment
PostCommentLikes
PostCategory
PostFollow
OnlineUsers
Users
UsersPost
UsersFriendsList
UsersContact
UsersProfileComments
UsersRatings
UsersNotifications
NotificationsSeens
BlockedUsersList
Tokens
Lastmessage
message
PremiumAccountHolders
now my rules:
{
"rules": {
".read": true,
".write": true
}
}
When I do this, the home page opens, but when I press the leaderboard class (ref name UsersRatings) for example, the application closes. It says you don't have permission to access. :
{
"rules": {
"users": {
"$uid": {
".read": "$uid === auth.uid",
".write": "$uid === auth.uid"
}
}
}
}
--Update-- Shutdown Error :
Fatal Exception: com.google.firebase.database.DatabaseException
Firebase Database error: Permission denied
com.google.firebase.database.DatabaseError.toException (DatabaseError.java:230)
com.**.**.ScorBoard$3.onCancelled (ScorBoard.java:141)
com.google.firebase.database.core.ValueEventRegistration.fireCancelEvent (ValueEventRegistration.java:80)
com.google.firebase.database.core.view.CancelEvent.fire (CancelEvent.java:40)
com.google.firebase.database.core.view.EventRaiser$1.run (EventRaiser.java:55)
android.os.Handler.handleCallback (Handler.java:883)
android.os.Handler.dispatchMessage (Handler.java:100)
android.os.Looper.loop (Looper.java:237)
android.app.ActivityThread.main (ActivityThread.java:8167)
java.lang.reflect.Method.invoke (Method.java)
com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run (RuntimeInit.java:496)
com.android.internal.os.ZygoteInit.main (ZygoteInit.java:1100)
---Update--- example closing scorboard (learderboard) class:
mAuth = FirebaseAuth.getInstance();
currentUserID = mAuth.getCurrentUser().getUid();
UsersRef = FirebaseDatabase.getInstance().getReference().child("Users");
RatingsRef = FirebaseDatabase.getInstance().getReference().child("Ratings");
RatingsRef.keepSynced(false);
RatingsRef.child(currentUserID).child("Ratings").addListenerForSingleValueEvent(new ValueEventListener() {
@Override
public void onDataChange(DataSnapshot dataSnapshot) {
double sum = 0.0;
try {
for (DataSnapshot ds: dataSnapshot.getChildren()) {
Map<String,Object> map = (Map<String, Object>) ds.getValue();
Object rating = map.get("rating");
Double pvalue = Double.parseDouble(String.valueOf(rating));
sum += pvalue;
Map messageTextBody2 = new HashMap();
messageTextBody2.put("point", sum);
RatingsRef.child(currentUserID).updateChildren(messageTextBody2);
}
}catch (Exception e){
}
}
@Override
public void onCancelled(DatabaseError databaseError) {
throw databaseError.toException(); // don't ignore errors
}
});
getScor();
public void getScor(){
FirebaseRecyclerOptions<Comments> options =
new FirebaseRecyclerOptions.Builder<Comments>()
.setQuery(RatingsRef.orderByChild("point").limitToLast(currentpage * total_ITEMS),Comments.class)
.build();
FirebaseRecyclerAdapter<Comments,ScorViewHolder> adapter
=new FirebaseRecyclerAdapter<Comments, ScorViewHolder>(options)
{
@Override
protected void onBindViewHolder(@NonNull final ScorBoard.ScorViewHolder holder, int position, @NonNull Comments model) {
final String visit_user_id = getRef(position).getKey();
scorprog.setVisibility(View.GONE);
holder.mView.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
Intent intent = new Intent(context,ProfileClick.class);
intent.putExtra("visit_user_id",visit_user_id);
startActivity(intent);
}
});
UsersRef.child(visit_user_id).addListenerForSingleValueEvent(new ValueEventListener() {
@Override
public void onDataChange(@NonNull DataSnapshot dataSnapshot) {
if (dataSnapshot.hasChild("name")){
final String myUsername = dataSnapshot.child("name").getValue().toString();
holder.userName.setText(myUsername);
}
}
@Override
public void onCancelled(@NonNull DatabaseError databaseError) {
}
});
RatingsRef.child(visit_user_id).addListenerForSingleValueEvent(new ValueEventListener() {
@Override
public void onDataChange(@NonNull DataSnapshot dataSnapshot) {
if (dataSnapshot.hasChild("point")){
final String myPoint = dataSnapshot.child("point").getValue().toString();
holder.userPoint.setText(myPoint+" "+"Point");
}else {
holder.userPoint.setText("0 Point");
}
}
@Override
public void onCancelled(@NonNull DatabaseError databaseError) {
}
});
}
@NonNull
@Override
public ScorBoard.ScorViewHolder onCreateViewHolder(@NonNull ViewGroup viewGroup, int i) {
View view = LayoutInflater.from(viewGroup.getContext()).inflate(R.layout.scorboard_model_layout,viewGroup,false);
ScorBoard.ScorViewHolder viewHolder = new ScorBoard.ScorViewHolder(view);
return viewHolder;
}
};
adapter.startListening();
scorreflesh.setRefreshing(false);
scorrecy.setAdapter(adapter);
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论