问题
Here is my rules :
rules_version = '2';
service firebase.storage {
match /b/{bucket}/o {
match /{country}/{type}/{allPaths=**} {
allow read, write;
}
}
}
For some reason I can write and read in this path : child(Test).child("Image.jpg") but it shouldn't be. I should only be able to write and read in this path child(Test).child(Test2).child("Image.jpg")
Test and Test2 are both variables.
Am I missing something?
回答1:
It's working as I would expect. In security rules version 2, recursive wildcards (allPaths=**) match 0 or more path segments. So, your rule is matching country=Test and type=Image.jpg with nothing matched for allPaths.
If you want only two path segments, you'll have to get rid of the allPaths wildcard entirely. Or, consider calling out specific top-level path components instead of wildcarding everything.
来源:https://stackoverflow.com/questions/61534818/firebase-storage-rules-access-granted-doesnt-match-rules