>有人对这个身份验证业务有想法吗?我有护士(用户(和患者,我想允许护士处理一些患者记录。
现在(丢弃我所知道的有关关系数据库的所有信息(我已经在每个患者下放置了权限,其中每个权限都有用户/护士的 ID
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write:
if get(/databases/$(database)/documents/
patients/89QL8XXXXFf/
permissions/KZztXXXXXRf1)!=null;
}
}
}
..好的,知道了...
service cloud.firestore {
match /databases/{database}/documents{
//define the database variable, use it later as $(database)
match /patients/{patientId}{
//define variable patientId, use later as $(patientId)
allow read, write:
// if exists(/databases/$(database)/documents //WORKS
// /patients/$(patientId)
// /permissions/$(request.auth.uid))
if get(/databases/$(database)/documents //WORKS
/patients/$(patientId)
/permissions/$(request.auth.uid)).data.write == true;
//you have to get(...).data.myProperty
}
// match /{document=**} {
// allow read,write: if false;
// }
}
}