Firebase Storage Custom metadata security rule for list of uids

Question

I\'m developing a messaging iOS app, where a user can send the same message to multiple people. The message is saved in firebase storage. I want to only enable the users who hav

Answer 1

So I have managed to solve it. The problem I had was that I wasn't familiar with Javascript and so I was getting the syntax wrong. After looking into Javascript I was soon able to work it out.

Hope my answer helps anyone else but would recommend learning the basics of Javascript if you are in a similar position to me.

It's also worth noting that to access the file metadata you use request.resource.metadata before the write is executed and resource.metadata to access once uploaded.

    match /messages/{messageId} {
    
        allow write: if request.resource.metadata['fromUid'] == request.auth.uid; 
        allow read: if resource.metadata[request.auth.uid] == request.auth.uid; 
    }