堆栈内存溢出
  简体   繁体   English

Firebase 存储规则,保留路径打开

[英]Firebase storage rules, leave on path open

 原文  2022-09-28 17:57:17       firebase/ firebase-storage/ firebase-security

问题描述

Now that firebase has forced using rules scrambling to find the right solution here.现在 firebase 已经强制使用规则加扰来找到正确的解决方案。 I have all images in the main bucket and every user once logged in has something like bucket我在主桶中有所有图像,每个登录后的用户都有类似桶的东西

users/{uid}/uploads

where all there uploaded photos go (would be cool to restrict to images at some point) these should be public read and write, if write can be only for the authenticated user even better, but auth to read is necessary.所有上传的照片 go(在某些时候限制为图像会很酷)这些应该是公开读写的,如果写入只能用于经过身份验证的用户就更好了,但是需要授权阅读。

there is a special folder before a user is authenticated and need upload a profile pic在用户通过身份验证之前有一个特殊的文件夹,需要上传个人资料照片

users/uploads

which should be read write to the public here is what i have but the second rule takes precedence我所拥有的应该是公开的,但第二条规则优先

 service firebase.storage {
  match /b/{bucket}/o {
    match /users {
        match /uploads {
            match /object {
            allow read, write
            }
        }
        }
    match /{allPaths=**} {
       allow read, write: if request.auth != null
    }
  }
}

I'm thinking it probably needs to be a not /users/uploads forthen then do do this but the documentation is bad for if else statements.我认为它可能需要不是 /users/uploads 然后执行此操作,但文档对 if else 语句不利。 any thoughts?有什么想法吗?

EDIT: this rule set works for reading correctly but still can't write when unauthenticated during sign up编辑:此规则集适用于正确阅读,但在注册期间未经身份验证时仍无法写入

service firebase.storage {
  match /b/{bucket}/o {
    
    // Allow only authenticated users to upload
    // Any user can read
    match /users/uploads {
      allow read, write;
    }
  
    // Only allow user with auth.uid == uid to read/write
    match /users/{uid}/uploads {
       allow read: if true;
       allow write: if request.auth.uid == uid;
    }
  }
}

1 个解决方案

解决方案1
 0  2022-09-28 18:06:32

You can try the following rules that'll restrict access to user's own directory and also have a public folder:您可以尝试以下规则,这些规则将限制对用户自己的目录的访问,并且还有一个公用文件夹:

rules_version="2";
service firebase.storage {
  match /b/{bucket}/o {

    // Allow only authenticated users to upload
    // Any user can read
    match /users/uploads {
      allow read: if true;
      allow write: if request.auth != null; 
    }
    
    // Only allow user with auth.uid == uid to read/write
    match /users/{uid}/uploads {
       allow read: if true;
       allow write: if request.auth.uid == uid;
    }
  }
}

Do note that if request.auth;= null;请注意if request.auth;= null; allows everyone write (including delete) so try using allow create: only.允许每个人写(包括删除)所以尝试使用allow create: only。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Firebase 未考虑在特定路径写入的存储规则 - Firebase storage rules for writing at specific path not considered Firebase storage.rules 版本 2 - Firebase storage.rules version 2 Firebase 存储模拟器规则不起作用 - Firebase Storage Emulator rules not working firebase 会话 cookie 和存储规则 - firebase sessions cookies and storage rules Firebase 存储安全规则是否支持版本 2? - Do Firebase Storage security rules support version 2? 如何将 Firebase 存储规则部署到特定的存储桶? - How to deploy Firebase Storage rules to specific buckets? Firebase 聊天应用中图像的存储安全规则 - Firebase Storage security rules for images in a chat app Firebase 关于存储过期的不安全规则 email - Firebase insecure rules email about storage expiring 获取客户端 URL 到 Firebase 符合存储规则的云存储 - Getting a client URL to Firebase Cloud Storage that comply with storage rules 如何修复 firebase 存储规则失败的客户端请求 - How to fix firebase storage rules failing client side request
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM