Hi, I am using Firebase Cloud Storage to develop a web application. I would like to set different security rules for setting a file from deleting a file. It seems that write
You can detect that a file is being deleted with request.resource == null in your rule.
But there is no property in the file objects (that I know of) to know who created the file.
A common approach is to store the files under a path that identifies their creator, e.g. /users/$uid/filename. With that structure you can check like this:
match /users/{userId}/profilePicture.png {
  allow read;
  allow write: if request.auth.uid == userId && request.resource == null;
}
An alternative would be to add an owner property to the metadata of each file and then check:
match /{fileId} {
  allow read;
  allow write: if (request.auth.uid == resource.metadata.owner && request.resource == null);
}
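A fuller ruleset combining both approaches from the answer above, as an added example that is not part of the original answer. The /shared/{fileId} path, the 5 MB limit and the PNG content-type check are assumptions chosen for illustration; the granular create/update/delete operations used in the second block are the rule language's finer-grained forms of write.

```firebase-rules
rules_version = '2';
service firebase.storage {
  match /b/{bucket}/o {

    // Path-based ownership: the uid in the path identifies the creator.
    match /users/{userId}/profilePicture.png {
      allow read;

      // Upload or overwrite: request.resource is the incoming file.
      // The size and type limits are illustrative assumptions.
      allow write: if request.auth != null
                   && request.auth.uid == userId
                   && request.resource != null
                   && request.resource.size < 5 * 1024 * 1024
                   && request.resource.contentType == 'image/png';

      // Delete: request.resource is null, so only ownership is checked.
      allow write: if request.auth != null
                   && request.auth.uid == userId
                   && request.resource == null;
    }

    // Metadata-based ownership (hypothetical /shared path).
    match /shared/{fileId} {
      allow read;

      // Create: the uploader must record themselves as owner.
      allow create: if request.auth != null
                    && request.resource.metadata.owner == request.auth.uid;

      // Update: only the current owner, and the owner field cannot change,
      // so an overwrite cannot be used to take over someone else's file.
      allow update: if request.auth != null
                    && resource.metadata.owner == request.auth.uid
                    && request.resource.metadata.owner == resource.metadata.owner;

      // Delete: resource is the stored file; check its recorded owner.
      allow delete: if request.auth != null
                    && resource.metadata.owner == request.auth.uid;
    }
  }
}
```

In the metadata variant the owner value is supplied by the client as custom metadata at upload time, which is why the create and update rules validate it rather than trusting it.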