Firebase存储规则“未经授权”

时间:2019-06-16 12:30:35

标签: firebase firebase-storage firebase-security-rules

这些是我的存储规则:

rules_version = '2';
service firebase.storage {
  match /b/{bucket}/o {
    match /auction-images/{auctionId} {
      allow read;
      allow write: if request.auth != null && request.resource.size < 1 * 1024 * 1024
                   && request.resource.contentType.matches('image/.*');

    }
  }
}

如您所见,我想允许所有对auction-images/{auctionId}的读取。当我尝试运行模拟器时,它按预期工作。

但是,当我启动应用程序并尝试加载图像时,它会显示此错误:

code: "storage/unauthorized"
code_: "storage/unauthorized"
message: "Firebase Storage: User does not have permission to access 'auction-images/NVOi2jGlfDA5huPUzjSA'."
message_: "Firebase Storage: User does not have permission to access 'auction-images/NVOi2jGlfDA5huPUzjSA'."
name: "FirebaseError"
name_: "FirebaseError"
serverResponse: "{↵  "error": {↵    "code": 403,↵    "message": "Permission denied. Could not perform this operation"↵  }↵}"
serverResponse_: "{↵  "error": {↵    "code": 403,↵    "message": "Permission denied. Could not perform this operation"↵  }↵}"

即使我发布了对规则的更改,它们似乎也没有生效。我想念什么?

这是给我一个错误的代码:

this.firestorage.storage.ref(`auction-images/${this.recentAuctions[0].uuid}`).list().then(res => {
    console.log(res)
  })
  .catch(err => {
    console.log(err);
  });

1 个答案:

答案 0 :(得分:0)

原来我的规则是错误的。我将它们更新为:

_

我认为rules_version = '2'; service firebase.storage { match /b/{bucket}/o { match /auction-images/{auctionId}/{image} { allow read; allow write: if request.auth != null && request.resource.size < 1 * 1024 * 1024 && request.resource.contentType.matches('image/.*'); } } } 可以为整个文件夹编写规则,但是我必须添加match /auction-images/{auctionId}才能将规则应用于内部图像。