Firebase Cloud Storage: permission denied. could not perform this operation firebase when retrieving downloadURL

Question

I have a function that successfully uploads an image to my cloud storage bucket.

With another function I want to get the URL of the image to show it on my page (With <img.../>)

getImageUrl(id: string) {
    return this.storageRef.child('X/' + id ).getDownloadURL();

But when I do this.. I get an 'invalid' URL and when I copy the URL and go to it, I get the following message:

{
  "error": {
    "code": 403,
    "message": "Permission denied. Could not perform this operation"
  }
}

I read somewhere that this might be because there is no token attached in the URL, but how can I enable this?

Answer 1

The last couple of days I have been trying to understand Firebase Storage rules and I don't know why but when I separate rules for writing and for reading like this for example:

allow write: if request.auth != null && request.resource.size < 3 * 1024 * 1024;
allow read: if true;

the code works great and I can write and read using getDownloadURL(), but when I use them together like this:

allow read, write: if request.auth != null && request.resource.size < 3 * 1024 * 1024;

I got the same error as you:

{
  "error": {
  "code": 403,
  "message": "Permission denied. Could not perform this operation"
  }

}

I can write when using them together, but when I try to read the file using getDownloadURL(), the issue appears. Maybe you could try separating the rules as I mention and see if it works. I hope it solves your problem. Also, don't forget that the rules are live after 5 minutes from the moment you set them. Good luck.

Answer 2

You have to set Storage Security Rules, read more about this here