Firebase Storage Rules - Unexpected "userId"

Question

Firebase Storage Rules - Unexpected "userId"

I am trying to set a rule in firebase for storage where only an authenticated user can write their avatar image named avatar

This is a firebase docs example:

// Grants a user access to a node matching their user ID
service firebase.storage {
  match /b/{bucket}/o {
    // Files look like: "user/<UID>/path/to/file.txt"
    match /user/{userId}/{allPaths=**} {
      allow read, write: if request.auth.uid == userId;
    }
  }
}

and these are my rules defined in the storage.rules file:

service firebase.storage {
  match /b/{bucket}/o {
    match /{allPaths=**} {
      allow read, write: if request.auth != null;
    }

    match /images/{allPaths=**} {
      allow write: if request.resource.size < 5 * 1024 * 1024
                    && request.resource.contentType.matches("image/.*")
                    && request.resource.contentType == resource.contentType
    }

    match /images/user-{userId}/avatar.* {
      allow read;
      allow write: if request.auth.uid == userId;
    }
  }
}

When I deploy the error that occurred,

[E] 13:25 - Unexpected 'userId'

I cannot find anything else in the docs telling me how to define this userId. Documents define it and what am I doing wrong?

+4

reactjs firebase firebase-storage firebase-security-rules

Lokuzt Jan 24 '18 at 18:29

source share

1 answer

JuliaDias · Accepted Answer · 2018-01-25T14:16:16+0000

Like both commentators, the syntax does not allow "folders" with -

So you should choose a structure like

/images/user/{userId}

creating a rule like:

match /images/user/{userId}/avatar.* {
  allow read;
  allow write: if request.auth.uid == userId;
}

Firebase Storage Rules - Unexpected "userId"

More articles: