{
"read": "auth.openid == get(`database.openid2groupid.${doc.groupId}`).another_openid",
"write": "doc._openid == auth.openid"
}
{
"read": "get(`database.openid2groupid.${doc.groupId}`).another_openid == auth.openid",
"write": "doc._openid == auth.openid"
}
今天尝试了数据库安全规则,想设置权限,结果整了好久权限没给出来,机缘巧合发现,auth.openid所在的位置不同,居然影响条件表达式的结果,auth.openid在前面,他总是拒绝我,auth.openid才如期运行,哭了
代码是下面的,查询传入一个groupId,到数据库openid2groupid查记录,如果记录_id == groupId,查记录的another_openid里有没有和auth.openid相同的,有就授权
mergeCommonCriteria(criteria) {
return {
groupId: this.data.groupId,
...criteria,
}
},
async initRoom() {
this.try(async () => {
await this.initOpenID()
const { envId, collection } = this.properties
const db = this.db = wx.cloud.database({
env: envId,
})
const _ = db.command
const { data: initList } = await db.collection(collection).where(this.mergeCommonCriteria()).orderBy('sendTimeTS', 'desc').get()
请问这个安全规则是在哪里配置吖?一直没找到....