Shi*_*eda 7 firebase firebase-security vue.js firebase-authentication google-cloud-firestore
Firestore安全规则不起作用.帮我.无法读取用户/用户ID的文档数据.
----------安全规则------------
service cloud.firestore {
match /databases/{database}/documents {
match /users/{userId=**} {
// Missing or insufficient permissions.
allow read, write: if request.auth.uid == userId
// this is work.
//allow read, write: if request.auth != null
}
}}
-------------- main.js --------------------
import Vue from 'vue'
import Quasar from 'quasar'
import firebase from 'firebase'
import 'firebase/firestore'
Vue.config.productionTip = false
Vue.use(Quasar)
let app;
firebase.initializeApp({
apiKey: "",
authDomain: "",
databaseURL: "",
projectId: "",
storageBucket: "",
messagingSenderId: ""
})
firebase.auth().onAuthStateChanged(user=> {
if (user) {
let ref = firebase.firestore().collection('users').doc(user.uid)
ref.get().then(snapshot=>{
// Error !! : Missing or insufficient permissions.
}
}
if(!app){
Quasar.start(() => {
app = new Vue({
el: '#q-app',
render: h => h(require('./App').default)
})
})
}
})
firebase ^ 4.8.0 vue ^ 2.5.0
显然,require.auth.uid似乎无法正常工作.我哪里有错?
Shi*_*eda 10
我能够自己解决它
match /users/{user} {
allow read, write: if request.auth.uid == user
match / {docs = **} {
allow read, write: if request.auth.uid == user
}
}
我按照我在这里找到的示例(在“用户”选项卡下)进行操作,效果很好:
// Grants a user access to a node matching their user ID
service firebase.storage {
match /databases/{database}/documents {
match /users/{userId}/{documents=**} {
allow read, write: if isOwner(userId);
}
}
function isOwner(userId) {
return request.auth.uid == userId;
}
}
| 归档时间: |
|
| 查看次数: |
4482 次 |
| 最近记录: |