service cloud.firestore {
match /databases/{database}/documents {
// Allow only authenticated content owners access
match /some_collection/{document} {
allow read, write: if request.auth != null && request.auth.uid == request.resource.data.author_uid
}
}
}
Realtime Database
// These rules grant access to a node matching the authenticated// user's ID from the Firebase auth token{"rules":{"users":{"$uid":{".read":"$uid === auth.uid",".write":"$uid === auth.uid"}}}}
Cloud Storage
// Grants a user access to a node matching their user IDservicefirebase.storage{match/b/{bucket}/o{// Files look like: "user/<UID>/file.txt"match/user/{userId}/{fileName}{allowread,write:ifrequest.auth!=null && request.auth.uid==userId;}}}
在 Rules 编辑器中,添加给定的规则。
从模拟类型下拉菜单中选择获取,然后在位置字段中输入一个有效的路径。
启用身份验证,并从提供方下拉菜单中选择一个身份验证类型。
输入用户 ID 详细信息,并点击运行。
模拟结果显示在编辑器的顶部。根据您输入的用户 ID 详细信息,您应该会看到一个横幅,确认已成功允许或拒绝读取操作。
[null,null,["最后更新时间 (UTC):2025-07-25。"],[],[],null,["\u003cbr /\u003e\n\nTo quickly test your updated Firebase Security Rules in the Firebase console, use\nthe Rules Playground.\n| **Note:** To fully validate your app's behavior and verify your Firebase Security Rules \n| configurations, use the [Firebase Emulator](/docs/rules/emulator-setup) to run and automate unit tests in a local environment.\n\nThe Rules Playground is a convenient tool to use as you're exploring\nnew behaviors or quickly validating rules as you write them. It displays a\nmessage confirming that access was either allowed or denied according to the\nparameters you set for the simulation.\n\nUse the Rules Playground\n\n1. Open the [Firebase console](//console.firebase.google.com/) and select your project.\n2. Then, from the product navigation, do one of the following:\n - Select **Realtime Database** , **Cloud Firestore** , or **Storage** , as appropriate, then click **Rules** to navigate to the Rules editor.\n3. Once you've made your edits, click **Rules Playground** from the editor.\n4. In the *Rules Playground* settings, select options for your test, including:\n - Testing reads or writes.\n - A specific **Location** in your database or storage bucket, as a path.\n - Authentication type --- unauthenticated, authenticated anonymous user, or a specific user ID.\n - Document-specific data that your rules specifically reference (for example, if your rules require the presence of a specific field before allowing a write).\n5. Click **Run** and look for the results in the banner above the editor.\n\nSample Rules Playground scenario\n\nTest the Rules Playground behavior with the following sample scenario\nand basic rules. \n\nCloud Firestore \n\n service cloud.firestore {\n match /databases/{database}/documents {\n // Allow only authenticated content owners access\n match /some_collection/{document} {\n allow read, write: if request.auth != null && request.auth.uid == request.resource.data.author_uid\n }\n }\n }\n\nRealtime Database\n\n\u003cbr /\u003e\n\n```scilab\n // These rules grant access to a node matching the authenticated\n // user's ID from the Firebase auth token\n {\n \"rules\": {\n \"users\": {\n \"$uid\": {\n \".read\": \"$uid === auth.uid\",\n \".write\": \"$uid === auth.uid\"\n }\n }\n }\n }\n \n```\n\n\u003cbr /\u003e\n\nCloud Storage \n\n // Grants a user access to a node matching their user ID\n service firebase.storage {\n match /b/{bucket}/o {\n // Files look like: \"user/<UID>/file.txt\"\n match /user/{userId}/{fileName} {\n allow read, write: if request.auth != null && request.auth.uid == userId;\n }\n }\n }\n\n- In the Rules editor, add the rule given.\n\n-\n Select **get** from the **Simulation type** drop-down menu and enter a valid\n path in the **Location** field.\n\n- Toggle on **Authentication** and select an authentication type from the\n **Provider** drop-down.\n\n- Enter the user ID details and click **Run**.\n\nThe results of the simulation appear at the top of the editor. Depending on the\nuser ID details you entered, you should see a banner confirming the read\nwas either successfully allowed or denied."]]
从模拟类型下拉菜单中选择获取,然后在位置字段中输入一个有效的路径。