{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 欢心 的问题《Using newData on Updates in Firebase Security Rule》','https://www.manongdao.com/q-1024997.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I'm having issues using newData within Firebase security rules when doing a update operation.
Here is my data structure:
And here are my rules:
{
"rules": {
"videos": {
"$videoId": {
"data": {
"content": {
"srcURL": {
".write": "root.child('videos/' + $videoId + '/tokens/' + newData.child('/videos/-1vidid/requestToken').val() + '/read' ).exists()"
},
},
"meta": {
"status": {
".write": "root.child('videos/' + $videoId + '/tokens/testTok/read').exists()"
}
}
},
"requestToken": {
".write": true,
}
}
}
}
}
Here is data I'm trying to write via update:
{
"videos/-1vidid/data/meta/status": "uploaded",
"videos/-1vidid/data/content/srcURL": "https",
"videos/-1vidid/requestToken": "testTok"
}
And here are my rules failing when I try to use newData;
Notice it's working when I hardcode in the token ("testTok"), but when I try and use newData it won't clear.
Here are more attempts when I get rid of the "videos" and $videoId ("-1vidid) from the newData childs:
Any idea why newData does not appear to be working on updates?
Your relevant rules:
The
newDatavariable refers to the new data at the current location. There is no child/videosunder the location where you've defined the rule.I assume you want to start reading from the root. In that case you can either use
root, which gives you the existing data at the root, or usenewData.parent().parent()...(repeated for however many levels up you need to go) for getting the updated data.