Moshe Gil
Reputation: 93
Firebase storage security rules not working
I try to imply security rules on Firebase storage using metadata and it not working:
service firebase.storage {
match <firebase-storage-url> {
match /{userId}/{allPaths=**}{
allow read: if resource.metadata.userid== userId;
allow write: if resource.metadata.userid== userId
}
}
}
StorageMetadata metadata = new StorageMetadata.Builder()
.setCustomMetadata("userid", user.ID)
.build();
filepath = mStorage.child( user.ID + "/" + String.valueOf(chatmessageamount + 1) + ".mp3");
Can someone help me?
Upvotes: 0
Views: 2029
Answers (1)
Mike McDonald
Reputation: 15963
I think what you want is:
service firebase.storage {
match /b/{bucket}/o { // this should be this string literally, no need to put in the bucket name
match /{userId}/{allPaths=**}{
allow read: if request.auth.uid == userId;
allow write: if request.resource.metadata.userId == userId; // request.resource is the resource being written, resource is what already exists (which on first write will be null)
}
}
}
Upvotes: 3
Related Questions
- Firebase Storage Rules strange behavior
- Firebase Storage read security rules don't seem to be having any effect
- Firebase Storage Rules - access granted doesn't match rules
- Firebase storage rules "unauthorized"
- Firebase storage rule for authenticated user not working
- Firebase Storage Rules customMetadata not working
- Firebase Storage security rule error- User does not have permission
- Firebase Storage Rules
- Firebase private rule not working for storage
- Firebase Storage security read rule ignored