Firebase 存储 Post 规则适用于删除规则
Firebase Storage Post rules apply to Delete rules
这是我的规则,应用于 img 目录:
match /img {
match /{fileId} {
allow read,
write: if request.resource.contentType.matches('image/jpeg')
|| request.resource.contentType.matches('image/png')
|| request.resource.contentType.matches('image/gif')
&& request.resource.size < 2 * 1024 * 1024
}
}
}
问题是这些规则也适用于 delete(),因为它也是一种写入方法,所以它总是 returns 权限错误。我在文档中找不到与此相关的任何内容。如何推迟 POST/PUT 规则和 DELETE 规则?
自己找到解决办法。通过在根本没有资源发送(删除)时应用规则,它也获得了写权限。 create/update 代码的其余部分被发送到 OR 表达式。
match /img {
match /{fileId} {
allow read,
write: if request.resource == null ||
(request.resource.contentType.matches('image/jpeg')
|| request.resource.contentType.matches('image/png')
|| request.resource.contentType.matches('image/gif')
&& request.resource.size < 2 * 1024 * 1024)
}
}
这适用于那些想要创建和删除特定用户的人。
// Grants a user access to a node matching their user ID
service firebase.storage {
match /b/{bucket}/o {
// Allow write files to the path "images/*", subject to the constraints:
// 1) File is less than 10MB
// 2) Content type is an image or Content type is null for delete operation
match /user/{userId}/images/{allPaths=**} {
allow read: if resource.size < 10 * 1024 * 1024
&& request.auth != null;
allow write: if request.auth.uid == userId
&& (
request.resource == null
||
(
request.resource.contentType.matches('image/.*')
&& request.resource.size < 10 * 1024 * 1024
)
)
}
}
}
这是我的规则,应用于 img 目录:
match /img {
match /{fileId} {
allow read,
write: if request.resource.contentType.matches('image/jpeg')
|| request.resource.contentType.matches('image/png')
|| request.resource.contentType.matches('image/gif')
&& request.resource.size < 2 * 1024 * 1024
}
}
}
问题是这些规则也适用于 delete(),因为它也是一种写入方法,所以它总是 returns 权限错误。我在文档中找不到与此相关的任何内容。如何推迟 POST/PUT 规则和 DELETE 规则?
自己找到解决办法。通过在根本没有资源发送(删除)时应用规则,它也获得了写权限。 create/update 代码的其余部分被发送到 OR 表达式。
match /img {
match /{fileId} {
allow read,
write: if request.resource == null ||
(request.resource.contentType.matches('image/jpeg')
|| request.resource.contentType.matches('image/png')
|| request.resource.contentType.matches('image/gif')
&& request.resource.size < 2 * 1024 * 1024)
}
}
这适用于那些想要创建和删除特定用户的人。
// Grants a user access to a node matching their user ID
service firebase.storage {
match /b/{bucket}/o {
// Allow write files to the path "images/*", subject to the constraints:
// 1) File is less than 10MB
// 2) Content type is an image or Content type is null for delete operation
match /user/{userId}/images/{allPaths=**} {
allow read: if resource.size < 10 * 1024 * 1024
&& request.auth != null;
allow write: if request.auth.uid == userId
&& (
request.resource == null
||
(
request.resource.contentType.matches('image/.*')
&& request.resource.size < 10 * 1024 * 1024
)
)
}
}
}