Firebase存储,基于用户的上传/删除的适当规则是什么? [英] Firebase Storage, What's the proper rules for user based uploading/deleting?
本文介绍了Firebase存储,基于用户的上传/删除的适当规则是什么?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
service firebase.storage {
match / b /< bucket> / o {
match / {allPaths = **} {
允许阅读:if request.auth!= null;
}
match / users / {uid} / {filename} {
允许写入:if isCurrentUser(uid);
允许写入:if isImage()&&
isCurrentUser(uid)&&
lessThanNMegabytes(n)&&
request.resource!= null&&
filename.size()< 50;
$ b函数isCurrentUser(uid){
return request.auth.uid == uid;
}
函数lessThanNMegabytes(n){
return request.resource.size< n * 1024 * 1024;
函数isImage(){
返回request.resource.contentType.matches(image /.*);
解决方案
如果您正在创建/更新文件或将其删除
match / users / {uid} / {filename} {
允许写入:if isCurrentUser(uid);
允许写入:if resource == null ||
(isImage()&&
lessThanNMegabytes(n)&&
request.resource!= null&&
filename.size()<50 );
}
I want to create user based security for Firebase/Storage. Below allow write works well if I do only upload images. But It prevents deleting a photo. How can I create proper security rule to this case?
service firebase.storage {
match /b/<bucket>/o {
match /{allPaths=**} {
allow read: if request.auth != null;
}
match /users/{uid}/{filename} {
allow write: if isCurrentUser(uid);
allow write: if isImage() &&
isCurrentUser(uid) &&
lessThanNMegabytes(n) &&
request.resource !=null &&
filename.size() < 50;
}
}
}
function isCurrentUser(uid) {
return request.auth.uid == uid;
}
function lessThanNMegabytes(n) {
return request.resource.size < n * 1024 * 1024;
}
function isImage() {
return request.resource.contentType.matches("image/.*");
}
解决方案
I would use this to check if you are creating/updating a file or removing it
match /users/{uid}/{filename} {
allow write: if isCurrentUser(uid);
allow write: if resource == null ||
( isImage() &&
lessThanNMegabytes(n) &&
request.resource !=null &&
filename.size() < 50 );
}
这篇关于Firebase存储,基于用户的上传/删除的适当规则是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
