0

以下是我的 Firebase 安全规则:

安全规则.json 
{
  "rules": {
    "users": {
      "$uid": {
        ".write": "auth.uid === $uid",
        ".read": "auth.uid === $uid"
      }
    }
  }
}

当我的路径以users目录结尾时,它工作正常。如:

https://my-firebase.firebaseio.com/users/my-user-id.json

但是当我尝试直接发布到子目录时,如下:

https://my-firebase.firebaseio.com/users/my-user-id/settings.json

它不起作用。

问题

我需要对 security-rules.json 文件(或其他任何内容)做什么才能直接写入用户的子目录?

编辑:

有人建议,“只需扩展您的规则以包含设置。” 所以我尝试了这个:

安全规则.json 
{
  "rules": {
    "users": {
      "$uid": {
        ".write": "auth.uid === $uid",
        ".read": "auth.uid === $uid"
      },
      "settings": {
        ".write": "auth.uid === $uid",
        ".read": "auth.uid === $uid"
      }
    }
  }
}

这会引发以下错误:

9:30: Unknown variable '$uid'.
10:31: Unknown variable '$uid'.
4

2 回答 2

2

这适用于模拟器:

{
  "rules": {
    "users": {
      "$uid": {
        ".read": "auth != null && auth.uid == $uid",
        ".write": "auth != null && auth.uid == $uid",
        "settings": {
        }
      }
    }
  }
}
于 2015-12-15T11:30:38.723 回答
1

After further testing, I found the security rules contained in the OP also work in the simulator:

security-rules.json 
{
  "rules": {
    "users": {
      "$uid": {
        ".write": "auth.uid === $uid",
        ".read": "auth.uid === $uid"
      }
    }
  }
}

There is no need to add additional rules for writing deeper into the node tree. The highest level permissions are sufficient.

Aside: My problem appears to be something other than the security rules I'm using. I must do more research, experimentation and testing.

于 2015-12-16T19:45:30.173 回答