stackoom
  简体   繁体   中英

do not get response data with firebase database rules

 原文  2019-12-04 15:07:38       javascript/ firebase/ firebase-realtime-database

Question

I do not get any return from firebase realtime database after adding a rule for my table of quotes. I expect all quotes to be returned where the auth.uid matches the owner value of the quote. However i get nothing.

Can anyone hep me out?

The rules are specified as:

{
  "rules": {
    "users":{
        ".read": "auth.uid != null",
        ".write": "auth.uid != null"     
    },
    "quotes":{
      "$uid":{
        ".read": "data.child('owner').val() === auth.uid",
      }
    }
  }
}

the quotes table is structured as follows:

{
  "1ec658d2-a7cb-45b8-8d9b-9c2a6783365d" : {
    "dateCreated" : "2019-12-02T16:06:50+01:00",
    "owner" : "DVRVSpeOXQV6wAmHAdpAe6iPQ5i2",
    "ownerName" : "testOost",
    "projectName" : "testProject1"
  },
  "96549b51-6356-4c37-a388-592561394d1a" : {
    "dateCreated" : "2019-09-25T14:58:13+02:00",
    "owner" : "xZBFCq4ho3V2G8dZTvK7RjsnTr43",
    "ownerName" : "timcastelijn",
    "projectName" : "testProject2"
  }
}

my code to access the data is

this.props.firebase.db.ref('quotes/').on('value', snapshot => {
  const quotesObject = snapshot.val();

  /* quotesObject is handled here */

});

UPDATE:SOLVED

the issue was solved with @frank-van-puffelen 's solution.

the new rules:

{
  "rules": {
    "users":{
        ".read": "auth.uid != null",
        ".write": "auth.uid != null"     
    },
    "quotes":{
      ".read": "auth.uid != null &&
                query.orderByChild == 'owner' &&
                query.equalTo == auth.uid" // restrict basket access to owner of quote
      }
    }
  }
}

the new snippet:

this.props.firebase.db.ref('quotes/').orderByChild("owner")
             .equalTo(this.authUser.uid)
             .on("value", snapshot => {

  const quotesObject = snapshot.val();

  ....

});

}

1 answers

solution1
 1 ACCPTED  2019-12-04 15:11:45

Your code tries to read from /quotes , but your rules allow no-one to read from /quotes . So the rules reject the read operation.

Keep in mind:

  • Rules don't filter data, instead they merely enforce the access rules.
  • If you want to only allow a user to read their own data, your code and rules need to work together to allow that.

In your current use-case you can simply modify the code to only read the node for that specific user:

var uid = firebase.auth().currentUser.uid;
this.props.firebase.db.ref('quotes/'+uid).on('value', snapshot => {
  const quotesObject = snapshot.val();

  /* quotesObject is handled here */

});

In other cases, you'll want to use a query in your code, and then validate that query in the rules.

For more on these see:

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Firebase Database RULES, problems in getting data Firebase database rules. Unable to write data Firebase Realtime Database Rules Based On Specific Data Firebase Database Rules - how not to overwrite existing data Firebase database StartAt Rules How do I get database data using firebase/nuxtjs How do I get data from firebase realtime database in web? Only user show his data rules firebase database Structuring Data with Firebase Rules Data is not get added into database(firebase)
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM