Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Can Firebase Cloud Storage rules validate against Firestore data?

Tags:

Can we use Firestore data to grant or restrict access to files hosted on Firebase Cloud Storage?

Exemple of what I would like to use as Firebase Security Rule

allow write: if get(/databases/mydbname/documents/guilds/$(guildID)).data.users[(request.auth.uid)] in ["Admin", "Member"];
like image 718
Remi Avatar asked Oct 21 '17 09:10

Remi

People also ask

How do I set rules for firestore database?

To set up and deploy your first set of rules, open the Rules tab in the Cloud Firestore section of the Firebase console. Write your rules in the online editor, then click Publish.

What is the difference between Firebase Storage and firestore?

Firebase Realtime database is stuctured as a JSON tree while Cloud Firestore stores data in documents (document is a set of key-value pairs) and collections (collections of documents). Realtime Database stores data in JSON tree while Cloud firestore stores data in documents which is very similar to JSON.

What file should be used for firestore rules firestore rules?

rules // is a file used to define the security rules for your Firestore database. firestore. indexes. json // is a file used to define indexes for you Firestore queries.

Does firestore use Cloud Storage?

Cloud Firestore is a flexible, scalable database for mobile, web, and server development from Firebase and Google Cloud. The Firebase Realtime Database stores JSON application data, like game state or chat messages, and synchronizes changes instantly across all connected devices.

1 Answers

There is currently no way to access different Firebase products from within the security rules of another product. See: is there a way to authenticate user role in firebase storage rules?

But it seems like you are trying to check group-membership of the user. Instead of looking that group-membership up in the database, I recommend that you model it as a so-called custom claim. Instead of (or in addition to) writing the membership to the database, you'll set the claim "user {uid} is a member of group {guild1}" into the user profile using the Firebase Admin SDK:

admin.auth().setCustomUserClaims(uid, {guild1: true}).then(() => {   // The new custom claims will propagate to the user's ID token the   // next time a new one is issued. });

With that done, you can check the guild membership in the security rules:

allow read: if request.auth.token.guild1 == true;

(I'm not sure if/how you can model the guild membership as a map, I'll update this answer if that turns out to be the case.)

like image 110
Frank van Puffelen Avatar answered Oct 24 '22 20:10

Frank van Puffelen
Sign in to Comment

Related questions

Is there an XML schema extension for Visual Studio Code?
Can't bind to 'icon' since it isn't a known property of 'fa-icon'
How to uninstall Elm package?
Angular 6 building a library with assets
Why examples don't work? (a struggle with imports)
What is difference between release notes and changelog?
convert io.StringIO to io.BytesIO
Variable scope and name resolution in Python
Replace wildcards in a binary string avoiding three identical consecutive letters
OpenID as a Single Sign On option? [closed]
Setting up Team foundation server [closed]
Waiting for user input with a timeout

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!