我目前正在创建Firebase安全规则,以防止用户将节点设置为空并删除该节点中的所有数据。
这是我的模式
{ "folder" : { "item1" : { "dataset1" : { "data1" : 123, "data2" : 456, "data3" : 789 } } } }这些是我的规则
{ "rules": { "folder": { // users cannot delete items in the node folder ".write": "newData.exists()", // item is a variable "$item": { "dataset1": { // dataset1 must have certain nodes and can't be deleted (set to null) ".validate": "data.hasChildren(['data1', 'data2', 'data3']) && newData.exists()", "data1": {".validate": "newData.isNumber()"}, "data2": {".validate": "newData.isNumber()"}, "data3": {".validate": "newData.isNumber()"}, // using the variable $other means any node that isn't data1, data2, data3 is denied "$other": {".validate": false} } } } } }使用内置的模拟器,我得到了这些结果:
这适用于位置设置为“/ folder / item1”和“/ folder / item1 / dataset1”
如果我在data1中拥有更深的节点,它们将全部被删除,因为允许写入。
感谢您阅读。 打开任何答案,最好我不需要更改架构。
I am currently creating Firebase security rules to prevent a user from setting a node to null and deleting all the data in that node.
This is my schema
{ "folder" : { "item1" : { "dataset1" : { "data1" : 123, "data2" : 456, "data3" : 789 } } } }These are my rules
{ "rules": { "folder": { // users cannot delete items in the node folder ".write": "newData.exists()", // item is a variable "$item": { "dataset1": { // dataset1 must have certain nodes and can't be deleted (set to null) ".validate": "data.hasChildren(['data1', 'data2', 'data3']) && newData.exists()", "data1": {".validate": "newData.isNumber()"}, "data2": {".validate": "newData.isNumber()"}, "data3": {".validate": "newData.isNumber()"}, // using the variable $other means any node that isn't data1, data2, data3 is denied "$other": {".validate": false} } } } } }Using the built in simulator I'm getting these results:
This works when location is set to "/folder/item1" and "/folder/item1/dataset1"
If I had deeper nodes in data1 they would all be deleted because the write was allowed.
Thanks for taking a read. Open to any answers, preferably I don't need to change the schema.
最满意答案
我不清楚你在问什么。 但是你的规则存在一些问题,所以我只是指出那些希望他们回答你的问题。
您授予/folder上的写入权限,您无法在较低级别上将其删除。 只要任何数据留在/folder任何写入都是允许的。 需要记住的一点是, newData是位于该位置的数据,因为它将在写入操作之后存在; 它不仅仅是写入的新数据。 我的印象是,你试图阻止使用.validate规则进行删除。 请记住,删除数据时不会执行验证,因此您不能使用.validate规则来防止删除。我怀疑#2是造成你目前的问题。
It's not really clear to me what you're asking. But there are a few problems with your rules, so I'll just point those out in hopes that they answer your question.
you grant write access on /folder, which you cannot take away at a lower level. As long as any data is left under /folder any write is allowed. A thing to keep in mind is that newData is the data at the location as it will exist after the write operation; it is not just the new data that is written. I have the impression that you're trying to prevent the deletion with .validate rules. Keep in mind that validation is not performed when deleting data, so you cannot use .validate rules to prevent deletion.I suspect that #2 is causing your current problem.
更多推荐
发布评论