0

这是我的火力基地规则

{
  "rules": {
    ".read": "auth != null",
    ".write": "root.child('users/auth.id/user_type').val() == 'admin'"
  }
}

我的用户节点。(数据是伪造的)

{
  "users" : {
    "2anxMpsdsxsd5K2" : {
      "user_email" : "dsds@gmail.com",
      "user_name" : "dsd",
      "user_photo_url" : "somepic.jpg",
      "user_roles" : {
        "writer" : true
      }
    },
    "z8uzffddelsSl1" : {
      "user_email" : "xcxc@gmail.com",
      "user_name" : "xcxc",
      "user_photo_url" : "fb-picture",
      "user_type" : "admin"
    }
  }
}

我尝试使用用户角色,但仍被拒绝写作。我的规则会是错误的吗?

4

1 回答 1

1

This is what I came up with.

{
  "rules": {

        "users": {
      ".read": "auth != null",
      "$user_id": {

        ".write": "auth.uid == $user_id || root.child('users').child(auth.uid).child('user_type').val() == 'admin'"
      }
    },
    // "news": {
    //   "$news_id": {
    //     ".read": "auth != null",
    //     ".write": "auth.uid == root.child('news').child($news_id).child('news_author_id').val() || root.child('users').child(auth.uid).child('user_type').val() == 'news_contributor' || root.child('users').child(auth.uid).child('user_type').val() == 'admin' "
    //   }
    // },

    "programs": {
      ".read": "auth != null",
      "courses": {
                "$course_id": {

          ".write": "auth.uid == root.child('programs').child('courses').child($course_id).child('program_author_id').val() || root.child('users').child(auth.uid).child('user_type').val() == 'admin'"
        }
      },
      "tracks": {
        ".read": "auth != null",
                "$track_id": {

          ".write": "auth.uid == root.child('programs').child('tracks').child($track_id).child('program_author_id').val() || root.child('users').child(auth.uid).child('user_type').val() == 'program_contributor' ||  root.child('users').child(auth.uid).child('user_type').val() == 'admin'"
        }
      }
    },

    "news": {
      ".read": "auth != null",
      "$news_id": {

        ".write": "root.child('users').child(auth.uid).child('user_type').val() == 'news_contributor' || auth.uid == root.child('news').child($news_id).child('news_author_id').val() == auth.uid || root.child('users').child(auth.uid).child('user_type').val() == 'admin'"
      }
    }
  }
}

One problem though.

this error pops up error TS7027: Unreachable code detected.

于 2018-08-23T12:50:55.993 回答