cor*_*ons 3 firebase firebase-security firebase-authentication google-cloud-firestore
我有一些文章。
每篇文章都有一个参考字段,指向撰写该特定文章的作者的个人资料文件。
经过身份验证的用户(使用Firebase的Auth)将与这些配置文件相关联。
仅当该用户拥有该文章时,如何使这些文章可被当前登录用户编辑?
在Firestore的文档中,有一个重复的示例:
service cloud.firestore {
match /databases/{database}/documents {
// Allows you to edit the current user document (like a user's profile).
match /users/{userId} {
allow read, write: if request.auth.uid == userId;
}
// Allows you to read/write messages as long as you're logged in (doesn't matter who you're logged in as, so theoretically you could change other peoples' messages ).
match /rooms/{roomId} {
match /messages/{messageId} {
allow read, write: if request.auth != null;
}
}
}
}
如何构造和编辑某个用户拥有的文档的示例在哪里?
假设您有一个文档,其中owner: <uid>存储了例如,您可以执行以下操作:
service cloud.firestore {
match /databases/{database}/documents {
match /somecollection/{id} {
allow write: if resource.data.owner == request.auth.uid;
}
}
}