So I'm trying to set rules into storage, but I need to access to firestore to set it right.

Here is my example:

Into my firestore database I have a users collection which have a collection named items. The path look like this: /users/items/{itemId}

I want that a user can read and write a file into storage with this path: /items/{id}/file.png only if the {id} of the item already exist into the items collection of firestore database. Is there a way to set correctly rules into storage using firestore ?

I tried this:

service firebase.storage {
  match /b/{bucket}/o {
    match /items/{item}/{allPaths=**} {
        allow read, write: if exists(/databases/{database}/documents/users/$(request.auth.uid)/items/$(item));
    }
  }
}

But this doesn't work :/

Thanks for your help!

There is no way for security rules of one Firebase product to refer to another Firebase product. The performance implications would be too big.

If such inter-product consistency is a requirement for you, you might want to consider doing the writes from Cloud Functions. While that doesn't suddenly allow cross-product security rules, it does mean that you an ensure it is your code doing the writes and the code is running in a more reliable environment then the average user's phone or PC.

its possible, example:

allow write: if isAdmin(request.auth.id) && request.resource.size < 10 * 1024 * 1024 || request.resource == null

function isAdmin(userId) {
    return firebase.database('users').child(userId).child('isAdmin').val() == true
}