-
-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy pathfirebase.storage.rules
More file actions
18 lines (16 loc) · 718 Bytes
/
firebase.storage.rules
File metadata and controls
18 lines (16 loc) · 718 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
rules_version = '2';
service firebase.storage {
match /b/{bucket}/o {
// Public read; writes require an authenticated event member. Speaker
// self-edit photo uploads go through the Cloud Functions API (admin SDK
// bypasses these rules), so unauthenticated speakers cannot write here
// directly — the API alone gates the upload behind a valid magic-link
// token. Pending-edit files use the `pending-edit-...` filename prefix
// for housekeeping.
match /events/{eventId}/{file} {
allow read: if true;
allow write: if request.auth != null && request.auth.uid in
firestore.get(/databases/(default)/documents/events/$(eventId)).data.members;
}
}
}