How to query a public collection in Firestore using security rules?
I have a ruleset in Firestore Security Rules defined in this way:
    rules_version = '2';
    service cloud.firestore {
      match /databases/{database}/documents {
        function isUserAllowed(root, metric) {
          return metric != 'private-data' || (metric == 'private-data' && request.auth.token.sub in get(/databases/$(database)/documents/$(root)/users).data.users);
        }
        match /{root}/{doc} {
          allow read: if root != 'ispd' && doc != 'users';
          allow write: if false;
          match /{metric}/{docs=**} {
            allow read: if isUserAllowed(root, metric);
            allow write: if false;
          }
        }
      }
    }
I'm trying to execute this method from my React application:
    const checkForbiddenEmailDomain = (emailDomain) => {
      const collectionRef = collection(db, 'forbidden-domains');
      const q = query(collectionRef, where('domain', '==', emailDomain));
      return getDocs(q)
        .then(({ docs }) => {
          if (docs.length > 0) {
            const errorToThrown = { message: `The ${emailDomain} domain is forbidden` };
            throw errorToThrown;
          }
        });
    };
Since I'm accessing forbidden-domains, which is public, I shouldn't have problems; however, I always get Missing or insufficient permission. I know that there is the section in Firestore documentation where they say something like "Rules are not queries, blablabla", probably the Egyptian hieroglyphs are simpler to understand.
With no jokes, can someone help me? I really don't understand what I should do.
Thanks a lot!
Comments (1)
I finally ended up modifying my ruleset in this way, and it works: