is there a way to authenticate user role in firebase storage rules? [duplicate]

问题

I am trying to restrict firebase storage based on user role.

Database:
    users
        <uid>
            admin=false
            ... ... ...

I am trying to use the following kind of rule in firebase storage:

root.child('users').child(auth.uid).child('user').child('admin').val() == true

I am getting access denied after adding this to the write rule.

Thanks.

回答1:

As Frank van Puffelen pointed out in his comment:

function isAdminUser() {
    return request.auth.uid in {
        "yaddayadddayaddUserIDKey":"User Name1"
    };
}

service firebase.storage {
    match /b/<appName>.appspot.com/o {
        match /{allPaths=**} {
            allow read;
            allow write: if request.auth != null && isAdminUser();
        }
   }
}

来源：https://stackoverflow.com/questions/39187424/is-there-a-way-to-authenticate-user-role-in-firebase-storage-rules

标签

firebase

firebase-realtime-database

firebase-authentication

firebase-security

firebase-storage

易学教程内所有资源均来自网络或用户发布的内容，如有违反法律规定的内容欢迎反馈！
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!