Are loops available in Firestore rules?

Mug*_*tsu 4 firebase firebase-security google-cloud-firestore

I'd like to know whether there is a simpler way to implement this rule. I've only just started trying out Firestore.

match /emails/{emailId} {

    allow write: if request.resource.data.attachments.size() == 0
    || request.resource.data.attachments.size() == 1 && request.resource.data.attachments[0].fileSize < 3 * 1024 * 1024 && (request.resource.data.attachments[0].filetype == 'image/png' || request.resource.data.attachments[0].filetype == 'image/jpg' || request.resource.data.attachments[0].filetype == 'application/vnd.ms-excel')
    || request.resource.data.attachments.size() == 2 && request.resource.data.attachments[0].fileSize < 3 * 1024 * 1024 && (request.resource.data.attachments[0].filetype == 'image/png' || request.resource.data.attachments[0].filetype == 'image/jpg' || request.resource.data.attachments[0].filetype == 'application/vnd.ms-excel') && request.resource.data.attachments[1].fileSize < 3 * 1024 * 1024 && (request.resource.data.attachments[1].filetype == 'image/png' || request.resource.data.attachments[1].filetype == 'image/jpg' || request.resource.data.attachments[1].filetype == 'application/vnd.ms-excel')
    || request.resource.data.attachments.size() == 3 && request.resource.data.attachments[0].fileSize < 3 * 1024 * 1024 && (request.resource.data.attachments[0].filetype == 'image/png' || request.resource.data.attachments[0].filetype == 'image/jpg' || request.resource.data.attachments[0].filetype == 'application/vnd.ms-excel') && request.resource.data.attachments[1].fileSize < 3 * 1024 * 1024 && (request.resource.data.attachments[1].filetype == 'image/png' || request.resource.data.attachments[1].filetype == 'image/jpg' || request.resource.data.attachments[1].filetype == 'application/vnd.ms-excel') && request.resource.data.attachments[2].fileSize < 3 * 1024 * 1024 && (request.resource.data.attachments[2].filetype == 'image/png' || request.resource.data.attachments[2].filetype == 'image/jpg' || request.resource.data.attachments[2].filetype == 'application/vnd.ms-excel')
    || request.resource.data.attachments.size() == 4 && request.resource.data.attachments[0].fileSize < 3 * 1024 * 1024 && (request.resource.data.attachments[0].filetype == 'image/png' || request.resource.data.attachments[0].filetype == 'image/jpg' || request.resource.data.attachments[0].filetype == 'application/vnd.ms-excel') && request.resource.data.attachments[1].fileSize < 3 * 1024 * 1024 && (request.resource.data.attachments[1].filetype == 'image/png' || request.resource.data.attachments[1].filetype == 'image/jpg' || request.resource.data.attachments[1].filetype == 'application/vnd.ms-excel') && request.resource.data.attachments[2].fileSize < 3 * 1024 * 1024 && (request.resource.data.attachments[2].filetype == 'image/png' || request.resource.data.attachments[2].filetype == 'image/jpg' || request.resource.data.attachments[2].filetype == 'application/vnd.ms-excel') && request.resource.data.attachments[3].fileSize < 3 * 1024 * 1024 && (request.resource.data.attachments[3].filetype == 'image/png' || request.resource.data.attachments[3].filetype == 'image/jpg' || request.resource.data.attachments[3].filetype == 'application/vnd.ms-excel');
}

Dan*_*ath 7

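We do not allow looping constructs in rules, because we rely on several optimization techniques that are harder to apply to more complex structures. We also don't charge for the compute time of rule execution, which means we don't want rules to be overly complicated and potentially abusive.

With as much repetition as your rules have, I'd strongly recommend using the function() feature to simplify them. For example, this is <1/3 of the size: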

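match /emails/{emailId} {
    // The attachments list of the incoming document (a field, not a function call).
    function attachments() {
      return request.resource.data.attachments;
    }

    // Number of attachments in the request.
    function attach_cnt() {
      return attachments().size();
    }

    // The attachment at index `attach` is smaller than 3 MiB.
    function valid_size(attach) {
      return attachments()[attach].fileSize < 3 * 1024 * 1024;
    }

    // The attachment at index `attach` has one of the allowed MIME types.
    function valid_type(attach) {
      return (attachments()[attach].filetype == 'image/png'
         || attachments()[attach].filetype == 'image/jpg'
         || attachments()[attach].filetype == 'application/vnd.ms-excel');
    }

    // Each guard skips its index when the list is too short to contain it.
    // The size cap keeps the original rule's limit of four attachments;
    // without it, entries at index 4 and above would never be checked.
    allow write: if attach_cnt() <= 4
    && (attach_cnt() < 1 || (valid_size(0) && valid_type(0)))
    && (attach_cnt() < 2 || (valid_size(1) && valid_type(1)))
    && (attach_cnt() < 3 || (valid_size(2) && valid_type(2)))
    && (attach_cnt() < 4 || (valid_size(3) && valid_type(3)));
}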

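Here is how I simplified it (worth double-checking, as I may have mistyped something).

  1. I created an attachments function for accessing the request data, since it is used so often; this makes the rules easier to scan.
  2. I made an attach_cnt function for the number of attachments, since that is checked a lot.
  3. Next I saw that every attachment has a file size constraint, so I created a valid_size function for that test, with an attach parameter that I can pass in.
  4. Then the valid_type function works the same way, but checks that the attachment has a valid type.
  5. At this point it was obvious that for requests with 2-4 items, the same checks were being run on attachment 0, and so on. Reordering some of the logic lets you check each attachment only once.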

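  • What strikes me as odd is how the product that is supposedly more advanced than RTDB has so many unresolved limitations. For lack of an alternative similar to Bolt, trying to enforce structural correctness is not only harder but also more verbose, and sometimes impossible (validating dynamic maps and arrays). Does Google have plans on the roadmap to address these problems? (5 upvotes)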
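Since rules have no loops, per-index guards such as those in the answer only inspect indexes 0 to 3, so the list length has to be capped separately to match the question's rule, which accepts 0 to 4 attachments. The following is an added example, not code from the original post: a plain JavaScript model of both rules (the function names and sample attachments are constructed for illustration) that compares them on every list of up to five attachments.

```javascript
// Plain JavaScript model of the rules on this page (constructed, not Firestore code).
const MAX_BYTES = 3 * 1024 * 1024;
const ALLOWED_TYPES = ['image/png', 'image/jpg', 'application/vnd.ms-excel'];

const validAt = (list, i) =>
  list[i].fileSize < MAX_BYTES && ALLOWED_TYPES.includes(list[i].filetype);

// The question's rule: one branch per allowed size (0..4), every index checked.
function originalRule(list) {
  for (let n = 0; n <= 4; n++) {
    if (list.length === n && list.every((_, i) => validAt(list, i))) return true;
  }
  return false;
}

// Unrolled guards: index k is checked only when the list is long enough to have it.
function unrolledGuards(list) {
  return [0, 1, 2, 3].every((k) => list.length < k + 1 || validAt(list, k));
}

// The same guards plus an explicit cap on the list length.
function unrolledWithCap(list) {
  return list.length <= 4 && unrolledGuards(list);
}

// Constructed sample attachments: one valid, one too large, one disallowed type.
const ok = { fileSize: 1024, filetype: 'image/png' };
const tooBig = { fileSize: 4 * 1024 * 1024, filetype: 'image/png' };
const badType = { fileSize: 1024, filetype: 'application/zip' };

// Every list of length 0..maxLen built from the three samples.
function allLists(maxLen) {
  let level = [[]];
  const out = [[]];
  for (let n = 1; n <= maxLen; n++) {
    level = level.flatMap((l) => [ok, tooBig, badType].map((a) => [...l, a]));
    out.push(...level);
  }
  return out;
}

// Lists on which a candidate rule disagrees with the question's rule.
function disagreements(candidate) {
  return allLists(5).filter((l) => candidate(l) !== originalRule(l));
}

console.log('guards only, mismatches:', disagreements(unrolledGuards).length);
console.log('guards + cap, mismatches:', disagreements(unrolledWithCap).length);
```

The only mismatches for the guards-only form are five-item lists whose first four entries are valid, where the fifth entry is accepted without any size or type check.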