[英]How to make VIP users writable in firebase and firestore
Firestore needs vip3 (users->uid->vip3 (Figure 1)) to write to a specific collection "post", while other collections can be written and read without vip3, My figure 1 Firestore is as shown: Firestore需要vip3(users->uid->vip3(图1))写入特定的集合“post”,而其他collections不用vip3也可以读写,我的图1 Firestore如图:
enter image description here在此处输入图像描述
This is the currently written rule这是目前的书面规则
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
function isAuthenticated() {
return request.auth.uid != null;
}
function isVipUser(rsc) {
return rsc.data.vip == 3;
}
match /Users/{userId} {
allow read: if isAuthenticated();
allow create, update: if isAuthenticated() && isVipUser(request.resource)
}
}
}
How to write to achieve it, the database needs VIP3 (id->uid->Profile->vip3 (Figure 2)) to write to a specific collection "post", and other collections can be written and read without VIP3, My figure 2 database is as shown:怎么写实现呢,数据库需要VIP3(id->uid->Profile->vip3(图2))写入特定的集合“post”,其他collections可以不用VIP3读写,我的图2数据库如图:
enter image description here在此处输入图像描述
This is the currently written rule这是目前的书面规则
{
"rules": {
"some_path": {
"$uid": {
// Create a custom claim for each role or group
// you want to leverage
".write":"data.child('ID').child(auth.uid).child('Profile').child('vip').val() === 3",
".read": "auth.uid != null && auth.token.reader == true"
}
}
}
}
here's how u could achieve that:这是您如何实现的:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
function isAuthenticated() {
return request.auth.uid != null;
}
function isVipUser(rsc) {
return rsc.data.vip == 3;
}
match /Users/{userId} {
allow read: if isAuthenticated();
allow create, update: if isAuthenticated() && isVipUser(request.resource)
}
}
This rule doesn't match your data structure:此规则与您的数据结构不匹配:
data.child('users').child(auth.uid).child('VIP3').val() == 'Yes'
In your data structure there is a child named vip
(all lowercase, no 3
in the key) with a numeric value of 3
.在您的数据结构中有一个名为vip
的孩子(全部小写,键中没有3
),其数值为3
。 There's also no top-level node users
, but rather ID
.也没有顶级节点users
,而是ID
。
So the correct check would be:所以正确的检查是:
data.child('ID').child(auth.uid).child('vip').val() === 3
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.