我正在为匿名用户设置显示名称,并希望确保新值与此设置的显示名称匹配.以下规则失败:
“name”:{“.validate”:“newData.val()== auth.token.name”}
为什么是这样? docs表示显示名称存储在auth.token.name中.
以下是我的firebase规则的完整副本:
{
"rules": {
".read": false,".write": false,"messages": {
".read": true,"$message": {
".write": "auth != null",".validate": "newData.hasChildren(['createdAt','text','user'])","createdAt": { ".validate": "newData.val() == now" },"text": { ".validate": "newData.isString() && newData.val().length > 0" },"user": {
".validate": "newData.hasChildren(['_id','name'])","_id": { ".validate": "newData.val() == auth.uid" },"name": { ".validate": "newData.val() == auth.token.name" },"$other": { ".validate": false }
},"$other": { ".validate": false }
}
}
}
}
解决方法
正如我在评论中提到的(从
the documentation开始):
Shallower security rules override rules at deeper paths. Child rules
can only grant additional privileges to what parent nodes have already
declared. They cannot revoke a read or write privilege.
这意味着您将无法写入数据库,因为您已在数据库的根节点声明了.write:false.您可能希望删除该行以具有如下结构:
{
"rules": {
".read": false,"$other": { ".validate": false }
}
}
}
}
显示名称确实存储在auth.token.name变量下.但是,当您在规则模拟器上使用默认的“匿名身份验证”时,它会使用此默认身份验证有效负载发送请求:
{
"provider": "anonymous","uid": "N4EbtSX5HbM9JLjsW6hWT3NWzAx1"
}
请注意,此有效内容下没有指定名称,因此,auth.token.name变量为null,安全规则拒绝写入.
您可以在模拟器上使用自定义有效负载,只需将auth提供程序从“匿名”更改为“自定义”,它允许您编辑有效负载,因此您可以使用此有效负载:
{
"provider": "anonymous","uid": "N4EbtSX5HbM9JLjsW6hWT3NWzAx1","token":{
"name": "Mike"
}
}
使用此auth有效负载,您在注释中提供的数据有效负载应该有效:
{
"createdAt": {
".sv": "timestamp"
},"text": "Test 1","user":
{
"_id": "48c83bf9-7354-4720-838f-8b68e0addd51","name": "Mike"
}
}
