我想为Firebase/Storage创建基于用户的安全性。下面允许写作品很好,如果我只上传图片。但它可以防止删除照片。如何为这种情况创建适当的安全规则?
service firebase.storage {
match /b/<bucket>/o {
match /{allPaths=**} {
allow read: if request.auth != null;
}
match /users/{uid}/{filename} {
allow write: if isCurrentUser(uid);
allow write: if isImage() &&
isCurrentUser(uid) &&
lessThanNMegabytes(n) &&
request.resource !=null &&
filename.size() < 50;
}
}
}
function isCurrentUser(uid) {
return request.auth.uid == uid;
}
function lessThanNMegabytes(n) {
return request.resource.size < n * 1024 * 1024;
}
function isImage() {
return request.resource.contentType.matches("image/.*");
}
我会用这个来检查你是否正在创建/更新文件或删除它
match /users/{uid}/{filename} {
allow write: if isCurrentUser(uid);
allow write: if resource == null ||
( isImage() &&
lessThanNMegabytes(n) &&
request.resource !=null &&
filename.size() < 50 );
}