stackoom
  简体   繁体   中英

Do Firebase Storage security rules support version 2?

 原文  2022-08-26 02:17:19       firebase/ firebase-storage/ firebase-security

Question

https://firebase.google.com/docs/rules/rules-language?hl=en&authuser=0#cloud-storage

In the above documentation, it seems to suggest that Storage security rules support version 2 but none of the Storage examples opt into version 2, only the Firestore rules do. Do Storage security rules support version 2?

Also, in my Firestore rules, which opt into version 2, I only grant read and write access to admins up front and any rules subsequent to that are for non-admin access, and it works fine.

rules_version = '2';
service cloud.firestore {
    match /databases/{database}/documents {
        function isAdmin() {
            return request.auth.token.admin == true;
        }

        function isSignedIn() {
            return request.auth != null;
        }

        match /{doc=**} {
            allow write: if isAdmin();
            allow read: if isAdmin();
        }

        // THIS IS EVALUATED FOR NON-ADMIN USERS 😀
        match /someCollection/{doc} {
            allow read: if isSignedIn();
        }
    }
}

However, when I use this pattern this with Storage rules, it appears that after the admin check is evaluated, the task returns and ignores the rest of the conditions, thereby blocking all read and write access for non-admin users.

service firebase.storage {
    match /b/{bucket}/o {
        function isAdmin() {
            return request.auth.token.admin == true;
        }

        function isSignedIn() {
            return request.auth != null;
        }

        match /{allPaths=**} {
            allow write: if isAdmin();
            allow read: if isAdmin();
        }

        // THIS IS NOT EVALUATED FOR NON-ADMIN USERS 🤬
        match /images/fruits/{allPaths=**} {
            allow read;
        }
    }
}

Is this a feature of version 1?

1 answers

solution1
 0 ACCPTED  2022-08-26 08:38:01

If I recall correctly, version 2 of Firebase security rules for Cloud Storage was introduced to support securing list operations, so unless you use those the version number is likely to make little difference.

My guess is that the other rules snippets in the documentation simply haven't been updated to specify a version, since they work the same on either of them.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to use Firestore Document Reference in Firebase Cloud Storage Security Rules? What do these default security rules for the Firebase Realtime Database mean? is it risky to keep firebase firestore & storage security rules (allow read , write = true) for a local application? Firebase Storage Emulator rules not working firebase sessions cookies and storage rules Firebase Cross Service Security Rules Firebase security rules for mobile apps Firebase Storage security through obscurity Firebase storage security rules 400 error issue "Permission denied. Could not access bucket xxxxx-****.appspot.com" Firebase firstore security rules for cloud functions
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM