
Firebase cloud storage rule for custom metadata


In Firebase Storage security rules, for delete permission, I want to check if a custom metadata key does not exist in a file. I put a locked key as custom metadata to reject delete requests. So, if a file does not have the locked metadata, it means it is allowed to be deleted.

What I tried so far:

allow delete: if resource.metadata.locked != true

allow delete: if !resource.metadata.locked

and even:

allow delete: if resource.metadata.size() == 0;

In the Firebase console, when I check the related files, it says "No metadata found".

But none of the above worked. How can I check if a file does not have a specific metadata key?


Solution

  • I've rapidly done some tests with the Security Rules playground and here are the findings:

    • If the Storage object does not have metadata, a rule like if resource.metadata.locked != true or if resource.metadata.unlocked == "true" will generate an error "Property metadata is undefined on object".
    • If you set a custom metadata to Boolean true (e.g. in JavaScript var metadata = {customMetadata: { locked: true },};), in the Security Rules, you should check for the String true.

    Conclusion: You would need to have a custom metadata named unlocked, for example, and use the following rule:

    allow delete: if resource.metadata.unlocked == "true";
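
The findings in the answer above, as an added example that is not part of the original post and is not Firebase's rule engine: a small local model showing that the `unlocked` allow-flag fails closed when a file has no metadata. Assumptions: custom metadata values reach the rules as strings, an object without custom metadata has no `metadata` property, and a condition that raises an evaluation error denies the request; the helper names (`toRuleResource`, `prop`, `allows`, `report`) are hypothetical.

```javascript
// Added example: a local model of the findings above, not Firebase's rule engine.

// Assumption: the rules see custom metadata values as strings, and an object
// uploaded without custom metadata has no `metadata` property at all.
function toRuleResource(customMetadata) {
  const entries = Object.entries(customMetadata || {});
  if (entries.length === 0) return {};
  return { metadata: Object.fromEntries(entries.map(([k, v]) => [k, String(v)])) };
}

// Property access that fails the way the playground reported it.
function prop(obj, name) {
  if (!(name in obj)) throw new Error(`Property ${name} is undefined on object`);
  return obj[name];
}

// Assumption: a condition that raises an evaluation error denies the request.
function allows(condition, resource) {
  try {
    return condition(resource) === true;
  } catch (err) {
    return false;
  }
}

// allow delete: if resource.metadata.locked != true        (from the question)
const lockedNotTrue = (r) => prop(prop(r, "metadata"), "locked") !== true;

// allow delete: if resource.metadata.unlocked == "true";   (from the answer)
const unlockedIsTrue = (r) => prop(prop(r, "metadata"), "unlocked") === "true";

// Constructed sample objects.
const plainFile = toRuleResource(undefined);              // "No metadata found"
const unlockedFile = toRuleResource({ unlocked: true });  // client wrote Boolean true
const keptFile = toRuleResource({ unlocked: "false" });

// Evaluate each rule against each sample and return the decisions.
function report() {
  return {
    questionRuleOnPlainFile: allows(lockedNotTrue, plainFile),
    answerRuleOnPlainFile: allows(unlockedIsTrue, plainFile),
    answerRuleOnUnlockedFile: allows(unlockedIsTrue, unlockedFile),
    answerRuleOnKeptFile: allows(unlockedIsTrue, keptFile),
  };
}

console.log(report());
```

With the `unlocked` flag, a file that carries no metadata stays undeletable, so only files explicitly marked at upload time can be removed.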