1

I am getting the following error when attempting to delete() an image from Firebase Storage:

com.google.firebase.storage.StorageException: User does not have permission to access this object.

My rules look like this:

service firebase.storage {
  match /b/{bucket}/o {
    match /users/{userId}/{filename} {
      allow read: if request.auth.uid != null;
      allow write: if request.auth.uid != null;
    }
  }
}

And my Storage reference tree looks like this:

users > {uid} > {filename}

And here's the function call:

private fun deleteImages(firebaseUser: FirebaseUser){
    val firebaseUser = FirebaseAuth.getInstance().currentUser ?: return false
    /** Delete user image from storage */
    val bucket = "http://myapp.appspot.com.storage.googleapis.com/"
    val filename = "Lx0NkP2iTzLnlFupvRq"
    Log.d(TAG, "$bucket/users/${firebaseUser.uid}/$filename")
    // successfully prints filename url: http://myapp.appspot.com.storage.googleapis.com/users/QX2Qi49j3URbK5FtmWvQT1jWHcw2/Lx0NkP2iTzLnlFupvRq
    bucket.child(bucket + "users/${firebaseUser.uid}/$filename").delete().addOnSuccessListener { Log.d(TAG, "First image deleted") }.addOnFailureListener { exception -> Log.d(TAG, "Failed to delete images: $exception") }

}

Any idea what the problem is?

Zorgan
  • 8,227
  • 23
  • 106
  • 207
  • 2
    Please edit the question to show the code that doesn't work the way you expect. Be clear about the exact values of the reference that is being built so we can check that your code matches your rules. Also make sure that a user is signed in. – Doug Stevenson Oct 01 '19 at 12:54
  • Have you signed in using firebase authentication? – ViduraPrasangana Oct 01 '19 at 12:57
  • checkout this https://stackoverflow.com/questions/38671444/user-does-not-have-permission-to-access-this-object-firebase-storage-android – Ankit Oct 01 '19 at 12:57
  • allow read, write; permission not given in console may be – Ankit Oct 01 '19 at 12:58
  • @DougStevenson I've added the function call in which shows the correct filename (includes UID) attempting to be deleted - but it fails on the user permission exception. – Zorgan Oct 01 '19 at 13:05
  • The code is showing too many variables. It's impossible for us to see what's behind all these resources and shared preferences. Please try hard coding the exact value of the object to delete, and make sure the user is signed in. – Doug Stevenson Oct 01 '19 at 13:07
  • @DougStevenson the variables just build the link to the image file - they log a blue link in my android studio console which successfully goes to the image I want to delete. `QX2Qi49j3URbK5FtmWvQT1jWHcw2` is the logged in user's firebase.uid, and `Lx0NkP2iTzLnlFupvRq` is the filename. So the filepath in firebase storage is `/users/QX2Qi49j3URbK5FtmWvQT1jWHcw2/Lx0NkP2iTzLnlFupvRq` - this matches my security rules however it's still showing user permission error. – Zorgan Oct 01 '19 at 13:16
  • Did you make sure the user is signed in at the time of the request? Is `bucket` really a string? (because it wouldn't have a method called child, and your code wouldn't compile). – Doug Stevenson Oct 01 '19 at 13:29
  • Yes bucket is a string - it successfully parses the first part of the url (`http://myapp.appspot.com.storage.googleapis.com/`). The user is also signed in - `firebaseUser.uid` successfully parses the logged-in users's firebase id to the second part of the url. I've added a `firebaseUser` variable to the code to make it easier to read. Not sure what the problem is but I'll keep looking. – Zorgan Oct 01 '19 at 13:49

1 Answers1

0

Solved. The problem was, I added the bucket prefix http://myapp.appspot.com.storage.googleapis.com/ to bucket.child() - but bucket.child() already includes the bucket prefix and only requires the child path (users/${firebaseUser.uid}/$filename").

Zorgan
  • 8,227
  • 23
  • 106
  • 207