Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
2.1k views
in Technique[技术] by (71.8m points)

does the firebase database online editor ignore security rules

I have rules set up that ensure a foreign key like constraint: when I put data at a certain path, the key is validated to exist at another node.

Rule snippet:

"app": {
  "freebies": {
     "$provider_id": {
          ".validate": "newData.parent().parent().parent().child('app').child('providers').child($provider_id).val() != null"
        }
      }

}

If I run a simulation with these params

Write to /app/freebies width data: {"totally_fake": 1}

This fails, which is CORRECT.

On the other hand, if I just go to the online editor and add a node to the same location with the same data, it writes the DB without errors.

My question is: does the online editor bypass the security rules ?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)
Waitting for answers

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...