Firebase存储安全规则无效

时间:2017-03-12 20:21:20

标签: android firebase firebase-security firebase-storage

我尝试使用元数据暗示Firebase存储上的安全规则,但它不起作用:

service firebase.storage {
  match <firebase-storage-url> {
  match /{userId}/{allPaths=**}{
  allow read: if resource.metadata.userid== userId;
  allow write: if resource.metadata.userid== userId
  }
  }
}


StorageMetadata  metadata = new StorageMetadata.Builder()
            .setCustomMetadata("userid", user.ID)
            .build();

filepath = mStorage.child( user.ID + "/" + String.valueOf(chatmessageamount + 1) + ".mp3");

有人可以帮助我吗?

1 个答案:

答案 0 :(得分:2)

我认为你想要的是:

service firebase.storage {
  match /b/{bucket}/o {  // this should be this string literally, no need to put in the bucket name
    match /{userId}/{allPaths=**}{
      allow read: if request.auth.uid == userId;
      allow write: if request.resource.metadata.userId == userId;  // request.resource is the resource being written, resource is what already exists (which on first write will be null)
    }
  }
}