我有一个具有以下特征的应用程序:
这些是我想出的安全规则:
service cloud.firestore {
match /databases/{database}/documents {
match /invoices/{id} {
allow read: if request.auth != null; // only admins can read data
allow write: if request.auth != null; // only admins can write data (full access)
allow create; // users can order stuff, hence they can create
}
match /{document=**} {
allow read; // everything else except the invoices is public
allow write: if request.auth != null; // if you are an admin, you have full access
}
}
}
问题在于,当使用this.ref = db.collection('invoices').doc()创建发票并使用this.ref.id在数据库中获取ID时,会出现Missing or insufficient permissions.错误。
我显然在这里做错了,希望对此提出任何建议。