-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathstorage.rules
More file actions
17 lines (16 loc) · 812 Bytes
/
storage.rules
File metadata and controls
17 lines (16 loc) · 812 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
rules_version = '2';
service firebase.storage {
match /b/{bucket}/o {
match /daily_photos/{userId}/{fileName} {
// 1. Allow Write: Only the owner of the path (userId matches auth uid)
allow write: if request.auth != null && request.auth.uid == userId;
// 2. Allow Read:
// - Owner (userId matches auth uid)
// - OR if the user is authenticated (simplest approximation for 'friends' without complex firestore lookups)
// - Note: To truly support "public", we would ideally check resource.metadata.isPublic == 'true',
// but since client code might not set it perfectly yet, and 'public' feeds exist,
// allowing all authenticated users to read is a safe baseline for this social app.
allow read: if request.auth != null;
}
}
}