I have the following security rule:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
function no_write(field) {
return (!(field in request.resource.data) && !(field in resource.data))
|| (field in request.resource.data && field in resource.data && resource.data[field] == request.resource.data[field]);
}
function create_by_owner(field) {
return (!(field in request.resource.data) && !(field in resource.data)) || ((field in request.resource.data) && !(field in resource.data))
|| (field in request.resource.data && field in resource.data && resource.data[field] == request.resource.data[field]);
}
match /ll_profile/{user_id} {
allow read: if true;
allow write: if request.auth != null && user_id == request.auth.uid
&& no_write("last_changed") && create_by_owner("native_language");
}
}
}
The no_write
function restricts a field to be modified. And create_by_owner
only allows a field to be created, if the field already exists, no modification could be made. But when I run this unit test:
it("succeed to write to my own document authenticated displayed_name field", async () => {
const db = get_firestore(my_auth);
const testDoc = db.collection(collection).doc(my_id);
await firebase.assertSucceeds(testDoc.set({displayed_name: "123"}, {merge: true}));
})
It gives me an error of Null value error. for 'create' @ L30
Null value error. for 'create' @ L30
I am not restricting the write access of the field displayed_name
. What part of my rule is restricting this write access?
You get an null value error because resource
does not exist on create
,
If you need to use resource.data
in your rules you will have to split your write
in create
and update
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.