{

“read”: “auth.openid == get(`database.openid2groupid.${doc.groupId}`).another_openid”,

“write”: “doc._openid == auth.openid”

}

{

“read”: “get(`database.openid2groupid.${doc.groupId}`).another_openid == auth.openid”,

“write”: “doc._openid == auth.openid”

}

今天尝试了数据库安全规则，想设置权限，结果整了好久权限没给出来，机缘巧合发现，auth.openid所在的位置不同，居然影响条件表达式的结果，auth.openid在前面，他总是拒绝我，auth.openid才如期运行，哭了

代码是下面的，查询传入一个groupId，到数据库openid2groupid查记录，如果记录_id == groupId,查记录的another_openid里有没有和auth.openid相同的，有就授权

mergeCommonCriteria(criteria) {

return {

groupId: this.data.groupId,

…criteria,

}

},

async initRoom() {

this.try(async () => {

await this.initOpenID()

const { envId, collection } = this.properties

const db = this.db = wx.cloud.database({

env: envId,

})

const _ = db.command

const { data: initList } = await db.collection(collection).where(this.mergeCommonCriteria()).orderBy(‘sendTimeTS’, ‘desc’).get()