如何从Firebase安全规则中打印`auth`?

huangapple
go评论51阅读模式
英文:

How to print `auth` from the Firebase Security Rules?

问题

在安全规则中,在调用 Firebase 实时数据库时,有没有办法打印/返回auth的有效载荷?我在尝试使规则生效时遇到了问题,似乎是因为auth.uid不包含我期望的值。有没有办法打印它的值?

更新:

在安全规则中,以下第一行转换为true,而第二行转换为false。我期望auth.uid22,因此也期望第二行转换为true

root.child('projects').child($project_uuid).child('person').child('22').exists()  // 是true
root.child('projects').child($project_uuid).child('person').child(auth.uid).exists()  // 是false

在探索 Network > ws 下发送的数据后(请参见下面的图像),我仍然期望auth.uid22,因此第二行转换为true。有可能导致这种情况吗?

最小示例:

数据库内容:

projects: {
  "abcd": {
    person: {
      22: {
        permissions: {
          read: true
        }
      }
    },
    data: {
      allKindOfData: "abc"
    }
  }
}

安全规则:

{
  "rules": {
    "projects": {
      "$project_uuid": {
        "person": {
          ".read": "true"
        },
        ".read": "root.child('projects').child($project_uuid).child('person').child('22').exists()
               && root.child('projects').child($project_uuid).child('person').child(auth.uid).exists()"
      }
    }
  }
}

如何从Firebase安全规则中打印`auth`?

英文:

Is there a way to print/return the payload of auth inside the Security Rules, when making a call to a Firebase Realtime database?

I'm struggling to get a rule to work and it seems like it's because auth.uid doesn't contain the value I expect it to have. Is there a way to print the value it has?

Update:

In the security rules the first line below converts to true while the second line converts to false. I expect auth.uid to be 22, so would also expect the second line to convert to true.

root.child('projects').child($project_uuid).child('person').child('22').exists()  // is true
root.child('projects').child($project_uuid).child('person').child(auth.uid).exists()  // is false

After exploring the sent data under Network > ws (see image below), I still expect auth.uid to be 22 and therefore the second line to convert to true. Any reason why this might not be the case?

如何从Firebase安全规则中打印`auth`?

Minimal case:

Database content:

projects: {
  "abcd": {
    person: {
      22: {
        permissions: {
          read: true
        }
      }
    },
    data: {
      allKindOfData: "abc"
    }
  }
}

Security Rules:

{
  "rules": {
    "projects": {
      "$project_uuid": {
        "person": {
          ".read": "true"
        },
        ".read": "root.child('projects').child($project_uuid).child('person').child('22').exists()
               && root.child('projects').child($project_uuid).child('person').child(auth.uid).exists()"
      }
    }
  }
}

答案1

得分: 1

打印/记录安全规则中似乎是不可能的。如果您想检查发送到Firebase的auth.uid的值,您可以在前端中记录它:如果用户已登录,其uid将与查询一起发送到Firebase后端服务,例如RTDB。

另一方面,您可以使用“规则游乐场”模块来调试您的规则。

如何从Firebase安全规则中打印`auth`?

英文:

Printing/logging in the security rules is not possible AFAIK. If you want to check the value of auth.uid that is sent to Firebase you can log it in your front end: If the user is signed-in, its uid will be sent together with the queries to the Firebase back-end services, e.g. the RTDB.

On the other hand you can use the "Rules Playground" module to debug your rules.

如何从Firebase安全规则中打印`auth`?

huangapple
  • 本文由 发表于 2023年6月1日 19:27:40
  • 转载请务必保留本文链接:https://go.coder-hub.com/76381389.html
  • firebase
  • firebase-realtime-database
  • firebase-security
  • google-cloud-platform
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定