我想制作一个带有angular和Firebase的应用程序。我想限制一个用户对我的数据库的读写访问。因此，我制定了此规则。

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /{document=**} {
      allow read,write: if "auth.uid === 'gzL3tHnx6JQexMuK4h2Nyo0thHS2'"
    }
  }
}

这如预期的那样导致权限被拒绝错误。

该框架使从数据库写入和获取数据，注册用户并进行登录非常简单。不幸的是，该框架没有使用HTTP拦截器来添加凭据。的要求。可以以某种方式组合AngularFirestore和AngularFire Auth方法。下面的示例实现：

export class AppComponent {
  private shirtCollection: AngularFirestoreCollection<Shirt>;
  shirts: Observable<ShirtId[]>;
  constructor(private readonly afs: AngularFirestore) {
    this.shirtCollection = afs.collection<Shirt>('shirts');
    // .snapshotChanges() returns a DocumentChangeaction[],which contains
    // a lot of information about "what happened" with each change. If you want to
    // get the data and the id use the map operator.
    this.shirts = this.shirtCollection.snapshotChanges().pipe(
      map(actions => actions.map(a => {
        const data = a.payload.doc.data() as Shirt;
        const id = a.payload.doc.id;
        return { id,...data };
      }))
    );
  }

private socialSignIn(provider: number): firebase.Promise<FirebaseAuthState> {
  return this.af.auth.login({AuthProviders.Github,method: AuthMethods.Popup})
    .then(() => this.updateUserData() )
    .catch(error => console.log(error));
}

}