我想制作一个带有angular和Firebase的应用程序。我想限制一个用户对我的数据库的读写访问。因此,我制定了此规则。
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read,write: if "auth.uid === 'gzL3tHnx6JQexMuK4h2Nyo0thHS2'"
}
}
}
这如预期的那样导致权限被拒绝错误。
该框架使从数据库写入和获取数据,注册用户并进行登录非常简单。不幸的是,该框架没有使用HTTP拦截器来添加凭据。的要求。可以以某种方式组合AngularFirestore和AngularFire Auth方法。下面的示例实现:
export class AppComponent {
private shirtCollection: AngularFirestoreCollection<Shirt>;
shirts: Observable<ShirtId[]>;
constructor(private readonly afs: AngularFirestore) {
this.shirtCollection = afs.collection<Shirt>('shirts');
// .snapshotChanges() returns a DocumentChangeaction[],which contains
// a lot of information about "what happened" with each change. If you want to
// get the data and the id use the map operator.
this.shirts = this.shirtCollection.snapshotChanges().pipe(
map(actions => actions.map(a => {
const data = a.payload.doc.data() as Shirt;
const id = a.payload.doc.id;
return { id,...data };
}))
);
}
private socialSignIn(provider: number): firebase.Promise<FirebaseAuthState> {
return this.af.auth.login({AuthProviders.Github,method: AuthMethods.Popup})
.then(() => this.updateUserData() )
.catch(error => console.log(error));
}
}