firebase google-cloud-firestore firebase-storage firebase-security

Role based rules in firebase storage

I have a database having multiple groups - each having their own roles (admins, mods, etc..)

I have rules setup on firestore.

How do I replicate that on storage rules ?

Solution

To put it briefly, you can't without serious modifications.

Storage rules can't access Firestore documents. So all of the relationship you have in Firestore can not be used in Storage.

You can use Firebase Auth custom claims to attach per-user data that can be used in both Firestore and Storage, but this means you will have to duplicate that relationship data into those claims and keep them in sync in backend code.

You can also duplicate data from Firestore into metadata attached to files in Storage, and use that metadata in security rules to determine who can read or write individual files.

These are your only viable options without creating your own backend API endpoints that enforce security.

Firebase auth: Update (not signed in user) password without use 'sendPasswordResetEmail'
Delete all users from firebase auth console
Is there a way to use Google Firestore client in Python like in the Pyrebase library?
Firebase User Doesn't Have Constructor?
Firebase realtime database structure in chat app
node-red Firebase send notification
android.security.KeyStoreException: Signature/MAC verification failed
iOS and FirebaseCrashlytics
Will preventing AD_ID permission to be merged affect Firebase functionality?
Is it possible to use Firebase Realtime Database to implement a distributed mutex?
How to implement role based google authentication using Firebase
Firebase JS SDK `findNearest` function for Firestore Vector search
RxJs Compose a list of Observables and then combine (Firebase)
Flutter NSException: Configuration fails. It may be caused by an invalid GOOGLE_APP_ID in GoogleService-Info.plist or set in the customized options
How to setup FastAPI comunication with firestore through Pyrebase4
Best way to store Firebase admin private key file for AWS lambda
Upgraded angular versions and now getting error: "The AppComponent component is not marked as standalone"
QUOTA_EXCEEDED : Exceeded daily quota for email sign-in in spite of using my SMTP settings
Alternate of Authentication create trigger in 2nd Gen - Cloud Functions
firestore: PERMISSION_DENIED: Missing or insufficient permissions
Conditional rendering based on authentication security question
Firebase Authentication Emulator in Flutter on Android: `Logging in as [email protected] with empty reCAPTCHA token`
FireBase notification not working on new installs
is it safe to have 'firebase-messaging-sw.js" in public url
Defining memory for single firebase functions
How to show API error handle inside of react?
firebase login fails to make request to https://auth.firebase.tools/attest
Why is signInWithPhoneNumber from @capacitor-firebase/authentication doesn't works Ionic app for iOS?
Separating Firebase Functions Into Self-Contained "Packages" (Not separate files - entirely separate packages)
Firebase's Realtime Database's `startAt` isn't working as expected