stackoom
  简体   繁体   中英

Firebase Realtime Database validations rules not working

 原文  2020-11-15 18:59:57       reactjs/ firebase/ rest/ firebase-realtime-database/ firebase-security

Question

This is my first question, so if I miss to include something please tell me, and many thanks for reading it.

I have a realtime database with this structure:

-transactions
  -uid
    -transaction1...

When adding a new transaction with these rules:

{
  "rules": {
    
    "transactions": {
      "$uid":{
        ".read": "auth != null && auth.uid == $uid",
        ".write": "auth != null && auth.uid == $uid",
      }
    }
  }
}

And this url: (I am using the REST API)

POST https://{{appName}}.firebaseio.com/transactions/{{userId}}.json?auth={{TOKEN}}

With this data:

{
    "title": "Postman Test",
    "amount": 50,
    "date": "2020-11-15",
    "category": "other"
}

It works as expected. But when I add the following validation:

{
  "rules": {
    
    "transactions": {
      "$uid":{
        ".read": "auth != null && auth.uid == $uid",
        ".write": "auth != null && auth.uid == $uid",
          
        ".validate": "newData.hasChildren(['title','amount'])",
      }
    }
  }
}

It return the following error: "error": "Permission denied"

If i put !newData.hasChildren(['title', 'amount']) instead, it works, so i assume it is not reading the fields correctly.

I should mention that when i try this rule in the firebase page, they work, so i am confused.

I have read the documentation and searched for similar errors, but i can't fix it, so any help would be really appreciated.

Thank you very much.

1 answers

solution1
 1 ACCPTED  2020-11-16 11:26:52

I finally could find a solution, so I would post it here in case anyone has the same problem.

When using POST in Firebase Realtime Database , it creates a new node with a new automatic index, so all i had to add was the "$id" (or any other name) field to account for that, as follows:

{
  "rules": {
    
    "transactions": {
      "$uid":{
        ".read": "auth.uid == $uid",
        ".write": "auth != null && auth.uid == $uid",
        
        "$id":{
          
          ".validate": "newData.hasChildren(['amount','category','type','date'])",
            
            "amount": {
                ".validate": "newData.isNumber() && newData.val() >= 0",
            },
            "category": {
                ".validate": "newData.isString()",
            },
            "type": {
                ".validate": "newData.isString()",
            },
            "date": {
                ".validate": "newData.isString()",
            }
            
        }
      }
    }
  }
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Security of firebase realtime database rules React native get realtime database data not working (firebase)? Firebase 9 : Realtime database permission denied query from firebase realtime database Firebase realtime database is not getting updated How to filter request to Firebase realtime database Increment a value in Firebase Realtime Database (Redux) Firebase not adding data to Realtime database in React Firebase Realtime Database setup with hosting URLS Populate React Table with firebase realtime database data
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM