[英]how to avoid permission denied with a subcollection in firestore?
I have a denied permission when i tried to read my subcollection.当我试图阅读我的子集时,我的权限被拒绝了。
This is my collection and subcollection i have Teams/membersList这是我的收藏和子收藏,我有 Teams/membersList
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
//Grants only a user access to its own data
match /users/{userId} {
allow read, write: if request.auth.uid == userId;
}
//Allow requests from authenticated users
match/Users/{document=**}{
allow read, write: if request.auth != null;
}
match/Teams/{document=**}{
allow read, write: if request.auth != null;
match /membersList/{membersList} {
allow read, write: if request.auth != null;
}
}
match /Teams/{userId} {
allow read, write: if request.auth.uid == userId;
}
match /Teams/memberLists/{document=**}{
allow read, write: if request.auth != null;
}
}
}
this is the part of my code with a denied permission这是我的代码的一部分,但权限被拒绝
let fetch = async () => {
firestore()
.collection("Teams")
.where("uid", "==", await AsyncStorage.getItem("userID"))
.get()
.then((querySnapshot) => {
if (querySnapshot.empty) {
console.log("no documents found");
} else {
querySnapshot.forEach(async (doc) => {
let Teams = doc._data.Activity;
console.log(Teams);
updateActivity((arr) => [...arr, Teams]);
console.log(Activity);
firestore()
.collection("membersList")
.get()
.then((documentSnapshot) => {
console.log("User exists: ", documentSnapshot.exists);
if (documentSnapshot.exists) {
console.log("User data: ", documentSnapshot.data());
}
});
});
}
});
I've still have permission denied after writing this rules.编写此规则后,我的权限仍然被拒绝。 Do you have any ideas??你有什么想法??
This code:这段代码:
firestore()
.collection("membersList")
.get()
This reads from a top-level collection called membersList
, which doesn't exist in your rules.这从名为membersList
的顶级集合中读取,该集合在您的规则中不存在。 So the user doesn't have access to the data, and the read gets rejected.所以用户无权访问数据,并且读取被拒绝。 Even if the collection doesn't exist, the read gets rejected.即使集合不存在,读取也会被拒绝。
If you want to read from the membersList
subcollection of the current team, that's be:如果你想从当前团队的membersList
子集合中读取,那就是:
doc
.ref
.collection("membersList")
.get()
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.