0

How can I create permission for read files in cloud storage and set the permission in firestore.

  • The owner can read/update
  • The owner can select how can read the file
    • Only he
    • His friends (friends node)
    • Selected users (he select the users id.)

  • If a user for some reason have the URL but this is not the owner and not is in the readers list I want this not have permission in cloud storage.

  • List item

Firestore model is something like this:

users: {
    -user1 {
      - friends {
         user3 {
           "name":...
           "photoUrl":...
         },
         user2 {
           "name":...
           "photoUrl":...
         }
      }
      ...
    }
    -user2
    -user3
  }
}

posts: {
    -post1 {
      "owner": user1,
      "description":...
      "fileUrl": fileUrlOnFirebaseCloudStorage,
      "timestamp"...
      "privacy": // private, public, friends, customs users 
                 // how to set this ?
    }
    -post2
    -post3
  }
}

And what is the rules for firestore and firebase cloud storage?

Frank van Puffelen
  • 565,676
  • 79
  • 828
  • 807
Basketball ICO
  • 39
  • 1

1 Answers1

0

What you're trying to do currently isn't possible using only security rules. Security rules set for one product are not capable of reading data from other projects. So, you can't read documents in Cloud Firestore in rules deployed to Cloud Storage.

Doug Stevenson
  • 297,357
  • 32
  • 422
  • 441
  • Thanks, you said "isn't possible using only security rules.", so do you know a way to do this using other thing? or is completely impossible with cloud storage? – Basketball ICO Sep 09 '19 at 07:59
  • Look into using Cloud Functions to mirror data between Firestore and Storage. It's complicated. – Doug Stevenson Sep 09 '19 at 15:07