访问规则:根据访问规则允许 read-only / read-write 访问
Access rules: allow read-only / read-write access based on access rules
我想编写一个 shopping-list 应用程序,用户可以在其中向其他用户授予 read-only 或 read-write 权限。
我计划数据库如下所示:
{
"lists": {
"1": {
"title": "List #1",
"items": [...],
"owner": "user1",
"read_only_access": [ {"user2": true} ],
"read_write_access": [ {"user3": true} ],
},
"2": {
"title": "List #1",
"items": [...],
"owner": "user1",
"read_only_access": [ {"user3": true} ],
"read_write_access": [],
},
"3": { ... }
},
"users": {
"user1": {
"name": "John",
},
"user2": { ... },
"user3": { ... }
}
}
如何定义 "lists" 树的访问规则,以便:
- 所有者对自己的所有列表拥有 read-write 访问权限
- read_only_access 列表中的用户将拥有读取权限
- read_write_access 列表中的用户将拥有 read-write 访问权限
- 既不是列表所有者、也不在该列表的 read_only_access 和 read_write_access 列表中的用户,连读取权限也没有
谢谢!
斯拉维克
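数据库
注意:示例中列表 1 的 user3 为 `"read": false, "write": true`,按下面的规则该用户只能写入、不能读取;若要实现问题中所说的 read-write 访问,应同时将 read 设为 true。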
{
"list-users" : {
"1": {
"user2" : {
"access" : { "read" : true, "write": false }
},
"user3" : {
"access" : { "read": false, "write" : true }
}
},
"2": {
"user3" : {
"access" : { "read" : true, "write": false }
}
}
},
"lists" : {
"1": {
"items": [ ... ],
"owner" : "user1",
"title" : "List #1"
},
"2": {
"items": [ ... ],
"owner" : "user1",
"title" : "List #2"
},
"3": {
"items": [ ... ],
"owner" : "user1",
"title" : "List #3"
}
},
"users" : {
"user1" : { "name" : "John" },
"user2" : { "name" : "Jane" },
"user3" : { "name" : "Joel" }
}
}
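规则
注意:Firebase 规则不会替换字符串字面量里的 `$lid`,所以 `root.child('lists/$lid/owner')` 读取的不是当前列表的 owner,list-users 的 `.write` 条件无法按预期匹配所有者;应写成 `root.child('lists').child($lid).child('owner').val()`。另外,lists 的 `.write` 允许任何拥有写权限的用户改写整个节点(包括 owner 字段),建议为 owner 增加 `.validate`,要求其在创建后保持不变。列表尚不存在时 `data.child('owner')` 为空,规则中也没有允许创建新列表的条件(例如 `!data.exists() && newData.child('owner').val() === auth.uid`)。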
{
"rules": {
"list-users": {
"$lid": {
"$uid": {
".write": "auth.uid === root.child('lists/$lid/owner').val()",
".validate": "newData.child('access').hasChildren(['read', 'write'])"
}
}
},
"lists": {
"$lid": {
".read": "data.child('owner').val() === auth.uid || root.child('list-users').child($lid).child(auth.uid).child('/access/read').val() === true",
".write": "data.child('owner').val() === auth.uid || root.child('list-users').child($lid).child(auth.uid).child('access/write').val() === true"
}
},
"users": {
"$uid": {
".read": "auth !== null",
".write": "auth.uid === $uid"
}
}
}
}
我想编写一个 shopping-list 应用程序,用户可以在其中向其他用户授予 read-only 或 read-write 权限。
我计划数据库如下所示:
{
"lists": {
"1": {
"title": "List #1",
"items": [...],
"owner": "user1",
"read_only_access": [ {"user2": true} ],
"read_write_access": [ {"user3": true} ],
},
"2": {
"title": "List #1",
"items": [...],
"owner": "user1",
"read_only_access": [ {"user3": true} ],
"read_write_access": [],
},
"3": { ... }
},
"users": {
"user1": {
"name": "John",
},
"user2": { ... },
"user3": { ... }
}
}
如何定义 "lists" 树的访问规则,以便:
- 所有者对自己的所有列表拥有 read-write 访问权限
- read_only_access 列表中的用户将拥有读取权限
- read_write_access 列表中的用户将拥有 read-write 访问权限
- 既不是列表所有者、也不在该列表的 read_only_access 和 read_write_access 列表中的用户,连读取权限也没有
谢谢!
斯拉维克
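数据库
注意:示例中列表 1 的 user3 为 `"read": false, "write": true`,按下面的规则该用户只能写入、不能读取;若要实现问题中所说的 read-write 访问,应同时将 read 设为 true。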
{
"list-users" : {
"1": {
"user2" : {
"access" : { "read" : true, "write": false }
},
"user3" : {
"access" : { "read": false, "write" : true }
}
},
"2": {
"user3" : {
"access" : { "read" : true, "write": false }
}
}
},
"lists" : {
"1": {
"items": [ ... ],
"owner" : "user1",
"title" : "List #1"
},
"2": {
"items": [ ... ],
"owner" : "user1",
"title" : "List #2"
},
"3": {
"items": [ ... ],
"owner" : "user1",
"title" : "List #3"
}
},
"users" : {
"user1" : { "name" : "John" },
"user2" : { "name" : "Jane" },
"user3" : { "name" : "Joel" }
}
}
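规则
注意:Firebase 规则不会替换字符串字面量里的 `$lid`,所以 `root.child('lists/$lid/owner')` 读取的不是当前列表的 owner,list-users 的 `.write` 条件无法按预期匹配所有者;应写成 `root.child('lists').child($lid).child('owner').val()`。另外,lists 的 `.write` 允许任何拥有写权限的用户改写整个节点(包括 owner 字段),建议为 owner 增加 `.validate`,要求其在创建后保持不变。列表尚不存在时 `data.child('owner')` 为空,规则中也没有允许创建新列表的条件(例如 `!data.exists() && newData.child('owner').val() === auth.uid`)。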
{
"rules": {
"list-users": {
"$lid": {
"$uid": {
".write": "auth.uid === root.child('lists/$lid/owner').val()",
".validate": "newData.child('access').hasChildren(['read', 'write'])"
}
}
},
"lists": {
"$lid": {
".read": "data.child('owner').val() === auth.uid || root.child('list-users').child($lid).child(auth.uid).child('/access/read').val() === true",
".write": "data.child('owner').val() === auth.uid || root.child('list-users').child($lid).child(auth.uid).child('access/write').val() === true"
}
},
"users": {
"$uid": {
".read": "auth !== null",
".write": "auth.uid === $uid"
}
}
}
}