1

I want to investigate that the user is admin or not but this is not working.

I get an error:

You don't have a permission to acces the object

rules_version = '2';
service firebase.storage {
  match /b/{bucket}/o {

      match /articles/{allPaths=**} {
        allow read;
        allow create: if firestore.get(/databases/{database}/documents/users/$(request.auth.uid)).data.isAdmin == true;
        allow update;
    }
  }
}

I try to rewrite the code, but this is not working too:

allow create: if firestore.get(/databases/{database}/documents/users/$(request.auth.uid)).isAdmin == true;
Frank van Puffelen
  • 565,676
  • 79
  • 828
  • 807
Dávid Varga
  • 11
  • 2

1 Answers1

0

According to this Firebase blog Security Rules in Cloud Storage for Firebase now supports cross-service Rules with two brand new functions firestore.get() and firestore.exists(). Your rule should be

allow create: if firestore.get(/databases/(default)/documents/users/$(request.auth.uid)).data.isAdmin == true;

instead of

allow create: if firestore.get(/databases/{database}/documents/users/$(request.auth.uid)).data.isAdmin == true;

This feature allows you to read only the Firestore data belonging to the same Firebase project as your Cloud Storage; you will not be able to query Firestore data from a different project.

Firebase currently supports only 1 database instance per project so the name must be (default) in path. A similar answer explains this.

I have also recreated the issue at my end and it turns out this feature is only available to (default) databases.

Rohit Kharche
  • 2,541
  • 1
  • 2
  • 13