Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
884 views
in Technique[技术] by (71.8m points)

firebase - Firestore security rules in to prevent sensitive field

I am modeling a database with Firestore, for a small company.

I have a collection of departments. Each department is a document. In the company, there will never be more than 50 employees. I would like to keep each employee as a map.

so a department document will be like this;

{ 
  emp1: { name: 'tom', age:23, email: '[email protected]'},
  emp2: { name: 'mike', age:35, email: '[email protected]'}
}

I would like to keep the age field private, it should be accessed only by superusers. From what I learnt, it is not possible to put access level at the granularity of a field. When a client receives the document, he will have access to all fields.

How can I go about that, I should keep a sub-collection of ages, would that work? Coming from SQL, and already done this smoothly in SQL, I cannot get my head around to have a collection just for a single integer.

Or is there any other alternative? I do not want to have a collection of employees.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)
Waitting for answers

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

2.1m questions

2.1m answers

60 comments

57.0k users

...