在Firebase实时数据库中遇到仅创建规则的问题
我正在尝试创建一个卡甲板数据库。 我有一个节点,“甲板”。它内部的节点更多,编号为“ 00001”。内部“ 00001”是每个卡的节点,适当编号,并且每个卡节点内部是卡数据。
deck
00001
card001
SetCode:Alpha
SetID:001
card002
etc.
我的问题是涉及安全规则。我不希望任何人都能更新或删除任何甲板。
"decks":{
"$deckId":{
".validate": "$deckId.matches(/^[0-9]{5,5}$/) && $deckId.length == 5 && data.val() == null && newData.val() != null",
"$cardNumber":{
".validate": "$cardNumber.matches(/^[C][a][r][d][0](30|2[0-9]|1[0-9]|[0][1-9])$/) && $cardNumber.length == 7",
"SetCode":{".validate": "newData.isString()&& newData.val().matches(/^[A-Z][a-z]{4}$/)"},
"SetID":{".validate": "newData.isString()&& newData.val().matches(/^[0-9]{3}$/)"},
}}}
而且,我似乎找不到一组规则,使我可以制作一个新的甲板,同时还可以阻止任何人删除它或更新现有甲板。 我尝试过的一些规则是:
".write": "auth != null",
".write": "data.val() == null && newData.hasChildren() != null",
".write": "!data.exists()"
".write": "data.val() == null && newData.val() != null"
在规则的各种“深度”中,但是我一直在与此相反的几个小时。如果有人可以以正确的“深度”指出正确的规则,我将非常感谢。
编辑:我认为会起作用的主要实例 - 并且我在仅创建规则的多个资源上找到了:
'decks':{
".write": "data.val() == null && newData.val() != null",
}
可能是我将其放置在错误的深度中,或者如果没有其他因素,我还没有考虑到,但我不明白为什么这不起作用。我没有任何其他关于更高级别的读/书写规则。
I'm trying to create a card deck database.
I have a node, "decks". Inside it are more nodes, numbered from '00001'. Inside '00001' is a node for each card, numbered appropriately, and inside each card node is the card data.
deck
00001
card001
SetCode:Alpha
SetID:001
card002
etc.
My problem is when it comes to the security rules. I don't want anyone to be able to update or delete any decks.
"decks":{
"$deckId":{
".validate": "$deckId.matches(/^[0-9]{5,5}$/) && $deckId.length == 5 && data.val() == null && newData.val() != null",
"$cardNumber":{
".validate": "$cardNumber.matches(/^[C][a][r][d][0](30|2[0-9]|1[0-9]|[0][1-9])$/) && $cardNumber.length == 7",
"SetCode":{".validate": "newData.isString()&& newData.val().matches(/^[A-Z][a-z]{4}$/)"},
"SetID":{".validate": "newData.isString()&& newData.val().matches(/^[0-9]{3}$/)"},
}}}
and I can't seem to find a set of rules that lets me make a new deck while also preventing anyone from deleting it or updating an existing deck.
Some rules I've tried are:
".write": "auth != null",
".write": "data.val() == null && newData.hasChildren() != null",
".write": "!data.exists()"
".write": "data.val() == null && newData.val() != null"
in various 'depths' of the rules, but I've been hitting my head against this for hours now. If someone could point me to the correct rule in the correct 'depth', I would be very grateful.
Edit: The main instance that I thought would work - and that I had found on multiple resources for Creation-Only rules, was:
'decks':{
".write": "data.val() == null && newData.val() != null",
}
It could be that I'm putting it in the wrong depth or if there's some other factor I haven't taken into account, but I don't understand why this doesn't work. I don't have any other read/write rules on higher levels.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
问题是您定义规则的地方,而不是其内容。
您需要在发生写操作的确切路径上定义规则。由于您想允许创建一个新的甲板,因此您需要该规则在单个甲板上,您可以通过使用通配符变量:
The problem is where you defined the rule, not their contents.
You need to define the rule on the exact path where the write operation occurs. Since you want to allow creating a new deck, you need the rule to be on the individual deck, which you can do by using a wildcard variable: