在 Security Firstore Rules 中是否可以只让用户根据字段值读取数据?
[英]in Security Firstore Rules does it possible to only make users to read data depending on field value?
问题描述
for example in Firstore i have collection called products and every doc has boolen field called isAllow: false
例如,在Firstore中,我有一个名为products的集合,每个文档都有一个名为isAllow: false的布尔字段
now in Security Firstore Rules How to make users can read only the docs with true value of isAllow field and the same with write.. i read the documentation but couldn't understand exactly what i want现在在 Security Firstore Rules How to make users can only read only the docs with true value of isAllow field and the same with write.. 我阅读了文档,但无法准确理解我想要什么
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write;
}
}
}
2 个解决方案
解决方案1
2 2022-03-19 19:01:24
As Dharmaraj answered, you can allow only reading of those documents in security rules with:正如 Dharmaraj 回答的那样,您可以只允许阅读安全规则中的这些文档:
match /products/{product} {
allow read: if resource.data.isAllow == true;
}
But keep in mind that security rules are not filters on their own, and instead merely ensure the client doesn't try to read data it isn't permitted to.但请记住, 安全规则本身并不是过滤器,而只是确保客户端不会尝试读取不允许的数据。 To meet the security rule above, you'll also need to use a query to read the allowed data:为了满足上述安全规则,您还需要使用查询来读取允许的数据:
firebase.firestore()
.collection("products")
.where("isAllow", "==", true)
解决方案2
1 已采纳 2022-03-19 18:51:52
Yes,是的,
match /collection/{document} {
allow read: if resource.data.isAllow == true;
}
Here resource.data is a map of all of the fields and values stored in the document and the above rule will allow read operation only when isAllow field in the document being accessed is true.这里resource.data是存储在文档中的所有字段和值的 map,只有当被访问文档中的 isAllow 字段为真时,上述规则才允许读取操作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.