我正在尝试设置Firestore权限规则。这是我的数据以及我的规则和身份验证负载。
service cloud.firestore {
match /databases/{database}/documents {
match /questions/{questionId} {
allow create: if isAdmin() && emailVerified();
allow read: if isAdmin() && emailVerified();
allow update: if isAdmin() && emailVerified();
allow delete: if isAdmin() && emailVerified();
}
match /users/{userId} {
allow get: if isOwner(userId) && emailVerified();
}
}
function isAdmin2() {
return request.auth.uid == 'CoKtrTQEA8P18v0jtcDUt766rVl1';
}
function isAdmin() {
return getUserData().roles.keys().hasAny(['admin']);
}
function getUserData() {
return get(/databases/$(database)/documents/users/$(request.auth.uid)).data;
}
function emailVerified() {
return request.auth.token.email_verified;
}
function isOwner(userId) {
return request.auth.uid == userId;
}
function isSignedIn() {
return request.auth != null;
}
}
{
"uid": "CoKtrTQEA8P18v0jtcDUt766rVl1",
"token": {
"sub": "CoKtrTQEA8P18v0jtcDUt766rVl1",
"aud": "flying-pigs",
"email": "myemail@example.com",
"email_verified": true,
"phone_number": "",
"name": "",
"firebase": {
"sign_in_provider": "google.com"
}
}
}
当尝试读取问题列表时,isAdmin()每次都会返回false,而isAdmin2()可以很好地工作,但它是硬编码的。
我遗漏了什么?
发布于 2019-06-03 06:43:23
一旦我遇到了同样的问题,我最终会这样做:
function isAdmin(request) {
return ['admin'] in getUserData(request).roles
}
请确保您的函数接收请求作为参数,您的isAdmin和getUserData当前没有接收到它。这是如何帮助你的
https://stackoverflow.com/questions/56419357
复制相似问题