Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
890 views
in Technique[技术] by (71.8m points)

firebase - Firestore security rules in to prevent sensitive field

I am modeling a database with Firestore, for a small company.

I have a collection of departments. Each department is a document. In the company, there will never be more than 50 employees. I would like to keep each employee as a map.

so a department document will be like this;

{ 
  emp1: { name: 'tom', age:23, email: 'tom@x.com'},
  emp2: { name: 'mike', age:35, email: 'mike@x.com'}
}

I would like to keep the age field private, it should be accessed only by superusers. From what I learnt, it is not possible to put access level at the granularity of a field. When a client receives the document, he will have access to all fields.

How can I go about that, I should keep a sub-collection of ages, would that work? Coming from SQL, and already done this smoothly in SQL, I cannot get my head around to have a collection just for a single integer.

Or is there any other alternative? I do not want to have a collection of employees.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)
Waitting for answers

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...