Reputation: 93
I try to imply security rules on Firebase storage using metadata and it not working:
service firebase.storage {
match <firebase-storage-url> {
match /{userId}/{allPaths=**}{
allow read: if resource.metadata.userid== userId;
allow write: if resource.metadata.userid== userId
}
}
}
StorageMetadata metadata = new StorageMetadata.Builder()
.setCustomMetadata("userid", user.ID)
.build();
filepath = mStorage.child( user.ID + "/" + String.valueOf(chatmessageamount + 1) + ".mp3");
Can someone help me?
Upvotes: 0
Views: 2029
Reputation: 15963
I think what you want is:
service firebase.storage {
match /b/{bucket}/o { // this should be this string literally, no need to put in the bucket name
match /{userId}/{allPaths=**}{
allow read: if request.auth.uid == userId;
allow write: if request.resource.metadata.userId == userId; // request.resource is the resource being written, resource is what already exists (which on first write will be null)
}
}
}
Upvotes: 3