0
因此,這裏是到目前爲止我的安全結構:火力地堡安全寫入規則
{
"rules":
{
"users":
{
"$user":
{
".read": true,
"Age":
{
".write": "$user === auth.uid",
".validate": "newData.isNumber()"
},
"Name":
{
".write": "$user === auth.uid",
".validate": "newData.isString()"
},
"friends":
{
"$friend":
{
"Age":
{
".write": "$user === auth.uid || $friend === auth.uid",
".validate": "newData.isString()"
},
"Name":
{
".write": "$user === auth.uid || $friend === auth.uid",
".validate": "newData.isNumber()"
}
}
}
}
}
}
}
現在,當我試圖寫「$用戶」給用戶,我有以下錯誤:
Attempt to write Success({"42":{"Age":42,"Name":"Nick","friends":{"11":{"Age":11,"Name":"Rob"}}}}) to /users with auth=Success({"id":42,"provider":"anonymous","uid":"anonymous:42"})
/
/users
No .write rule allowed the operation.
Write was denied.
當我設置.write
規則的用戶,那麼所有的寫操作規則將被改寫。我需要指定$user
的所有特徵只能寫成$user
,但$friend
可以寫成$friend
和$user
。當我推送用戶時,我會將其推送給朋友,但之後我需要朋友能夠在不同的用戶路徑上更改他們的數據。你有什麼想法?
謝謝!