Firebase Storage Project Level Permissions
Question
I store files in Firebase Storage as follows:
/{projectId}/{file}
Users have different permissions based on the projectId , and can easily have some level of permissions on tens (or even hundreds) of projects. For each project, he or she is assigned a role, which determines what operations are permitted.
I have these roles stored in Firestore by the user, but they are inaccessible in the Firebase Storage security rules.
Furthermore, setting custom claims with all project roles for each user will easily exceed the 1000 byte limit for custom claims. Is there any way to lookup permissions at the time of file access, ie, update, delete, read/download?
1 answers
solution1
1 2019-11-14 23:11:57
There is currently no way to access documents in Firestore from security rules defined for Storage. Custom claims is the only common permissions system shared between the two products.
Consider routing access through Cloud Functions if you need more a more flexible logic, either before or after the fact.
Please feel free to file a feature request with Firebase support .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.