Is it possible to set storage rules using firestor

2019-07-21 17:54发布

站内问答 / 后端开发
1335 2 6

So I'm trying to set rules into storage, but I need to access to firestore to set it right.

Here is my example:

Into my firestore database I have a users collection which have a collection named items. The path look like this: /users/items/{itemId}

I want that a user can read and write a file into storage with this path: /items/{id}/file.png only if the {id} of the item already exist into the items collection of firestore database. Is there a way to set correctly rules into storage using firestore ?

I tried this:

service firebase.storage {
  match /b/{bucket}/o {
    match /items/{item}/{allPaths=**} {
        allow read, write: if exists(/databases/{database}/documents/users/$(request.auth.uid)/items/$(item));
    }
  }
}

But this doesn't work :/

Thanks for your help!

2条回答
Emotional °昔
2楼-- · 2019-07-21 18:35

There is no way for security rules of one Firebase product to refer to another Firebase product. The performance implications would be too big.

If such inter-product consistency is a requirement for you, you might want to consider doing the writes from Cloud Functions. While that doesn't suddenly allow cross-product security rules, it does mean that you an ensure it is your code doing the writes and the code is running in a more reliable environment then the average user's phone or PC.

查看更多
0人赞 添加讨论(0) 举报
虎瘦雄心在
3楼-- · 2019-07-21 18:51

its possible, example:

allow write: if isAdmin(request.auth.id) && request.resource.size < 10 * 1024 * 1024 || request.resource == null

function isAdmin(userId) {
    return firebase.database('users').child(userId).child('isAdmin').val() == true
}
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)