堆栈内存溢出
  简体   繁体   English

如何让VIP用户在firebase和firestore中可写

[英]How to make VIP users writable in firebase and firestore

 原文  2022-07-03 09:29:02       ios/ firebase/ firebase-security

问题描述

Firestore needs vip3 (users->uid->vip3 (Figure 1)) to write to a specific collection "post", while other collections can be written and read without vip3, My figure 1 Firestore is as shown: Firestore需要vip3(users->uid->vip3(图1))写入特定的集合“post”,而其他collections不用vip3也可以读写,我的图1 Firestore如图:

enter image description here在此处输入图像描述

This is the currently written rule这是目前的书面规则

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    function isAuthenticated() {
      return request.auth.uid != null;
    }
    
    function isVipUser(rsc) {
    return rsc.data.vip == 3;
    }

    match /Users/{userId} {
    allow read: if isAuthenticated();
    allow create, update: if isAuthenticated() && isVipUser(request.resource)
    }
}
}

How to write to achieve it, the database needs VIP3 (id->uid->Profile->vip3 (Figure 2)) to write to a specific collection "post", and other collections can be written and read without VIP3, My figure 2 database is as shown:怎么写实现呢,数据库需要VIP3(id->uid->Profile->vip3(图2))写入特定的集合“post”,其他collections可以不用VIP3读写,我的图2数据库如图:

enter image description here在此处输入图像描述

This is the currently written rule这是目前的书面规则

{
  "rules": {
    "some_path": {
      "$uid": {
        // Create a custom claim for each role or group
        // you want to leverage
        ".write":"data.child('ID').child(auth.uid).child('Profile').child('vip').val() === 3",
        ".read": "auth.uid != null && auth.token.reader == true"
      }
    }
  }
}

2 个解决方案

解决方案1
 0  2022-07-03 10:02:55

here's how u could achieve that:这是您如何实现的:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    function isAuthenticated() {
      return request.auth.uid != null;
    }
    
    function isVipUser(rsc) {
    return rsc.data.vip == 3;
    }

    match /Users/{userId} {
    allow read: if isAuthenticated();
    allow create, update: if isAuthenticated() && isVipUser(request.resource)
    }

}

解决方案2
 0  2022-07-03 14:12:46

This rule doesn't match your data structure:此规则与您的数据结构不匹配:

data.child('users').child(auth.uid).child('VIP3').val() == 'Yes'

In your data structure there is a child named vip (all lowercase, no 3 in the key) with a numeric value of 3 .在您的数据结构中有一个名为vip的孩子(全部小写,键中没有3 ),其数值为3 There's also no top-level node users , but rather ID .也没有顶级节点users ,而是ID

So the correct check would be:所以正确的检查是:

data.child('ID').child(auth.uid).child('vip').val() === 3

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何只允许经过身份验证的用户在 Firebase Firestore 中创建集合? - How to allow only authenticated users to create a collection in Firebase Firestore? 如何确保您已在 Firebase 控制台上启用 Firestore? - How to make sure you have enabled Firestore on the Firebase console? 我如何在 flutter 和 firebase firestore 中制作价格范围过滤器 - How can i make price range filter in flutter and firebase firestore Firebase 用户和相关文档的 Firestore 安全规则 - Firebase Firestore Security Rules for Users and Associated Documents 如何构建 firebase firestore 数据库? - How to structure firebase firestore database? 如何在 Firebase Firestore 中访问 collections - How to access collections in Firebase Firestore 如何在 Firebase / Firestore 中创建用户时创建嵌套集合,用户可以在其中保存已添加书签的项目 - How to create a nested collection when creating a user in Firebase / Firestore where users can save bookmarked items 在 swift 中附加数组后,如何使表视图从 Firebase Firestore 加载数据 - How to make table view load data from Firebase Firestore after array is appended in swift 使 Firebase Firestore 集合可离线使用 - Make a Firebase Firestore collection available offline 如何在 firestore 数据库中搜索用户(使用 Auth)? - How serach users in firestore database (With Auth)?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM