Firebase Storage - File upload to folder 403 Firebase Storage: User does not have permission to access
When I was using firebase storage from the client side without admin sdk , I got the following error with the authenticated user, when I am uploading an image.
var temp = storage.ref().child("temp")
.child(file.name);
temp.put(file)
.then(snap => {
....
}
Firebase Response :
Firebase Response :
FirebaseStorageError {code_: "storage/unauthorized", message_: "Firebase Storage: User does not have permission to access 'temp/50.png'.", serverResponse_: "{↵ "error": {↵ "code": 403,↵ "message": "Pe…n denied. Could not perform this operation"↵ }↵}", name_: "FirebaseError"}
The error is due to the issue in firebase storage rules. The document pages do not specify how to set permission to all the objects under the given folder. However, they have given an example, to resolve the issue.
See the example at the end of the document :
https://firebase.google.com/docs/storage/security/user-security?authuser=0
If your rule is like below, it does not allow to write to the folder. It does allow only to content with name temp under the root to save.
service firebase.storage { match /b/{bucket}/o {
// match /{allPaths=**} { // allow read; // allow write: if request.auth != null; // } match /temp { allow read; allow write: if request.auth != null; }
}
But if you chage it as follows it will allow to write any file by the authenticated user :
var temp = storage.ref().child("temp")
.child(file.name);
temp.put(file)
.then(snap => {
....
}
Firebase Response :
Firebase Response :
FirebaseStorageError {code_: "storage/unauthorized", message_: "Firebase Storage: User does not have permission to access 'temp/50.png'.", serverResponse_: "{↵ "error": {↵ "code": 403,↵ "message": "Pe…n denied. Could not perform this operation"↵ }↵}", name_: "FirebaseError"}
See the example at the end of the document :
https://firebase.google.com/docs/storage/security/user-security?authuser=0
If your rule is like below, it does not allow to write to the folder. It does allow only to content with name temp under the root to save.
service firebase.storage { match /b/{bucket}/o {
// match /{allPaths=**} { // allow read; // allow write: if request.auth != null; // } match /temp { allow read; allow write: if request.auth != null; }
}
But if you chage it as follows it will allow to write any file by the authenticated user :
match /temp/{imageId} {
allow read;
allow write: if request.auth != null;
}
Comments
Post a Comment