【发布时间】:2020-07-20 14:32:13
【问题描述】:
我有以下安全规则:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
function no_write(field) {
return (!(field in request.resource.data) && !(field in resource.data))
|| (field in request.resource.data && field in resource.data && resource.data[field] == request.resource.data[field]);
}
function create_by_owner(field) {
return (!(field in request.resource.data) && !(field in resource.data)) || ((field in request.resource.data) && !(field in resource.data))
|| (field in request.resource.data && field in resource.data && resource.data[field] == request.resource.data[field]);
}
match /ll_profile/{user_id} {
allow read: if true;
allow write: if request.auth != null && user_id == request.auth.uid
&& no_write("last_changed") && create_by_owner("native_language");
}
}
}
no_write 函数限制要修改的字段。而create_by_owner 只允许创建一个字段,如果该字段已经存在,则不能进行修改。但是当我运行这个单元测试时:
it("succeed to write to my own document authenticated displayed_name field", async () => {
const db = get_firestore(my_auth);
const testDoc = db.collection(collection).doc(my_id);
await firebase.assertSucceeds(testDoc.set({displayed_name: "123"}, {merge: true}));
})
它给我一个错误Null value error. for 'create' @ L30 我没有限制字段displayed_name 的写访问。我的规则的哪一部分限制了这种写访问?
【问题讨论】:
标签: javascript firebase google-cloud-firestore firebase-security