-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathstorage.rules
More file actions
30 lines (27 loc) · 953 Bytes
/
storage.rules
File metadata and controls
30 lines (27 loc) · 953 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
rules_version = '2';
service firebase.storage {
match /b/{bucket}/o {
// Vendor images - vendors can upload to their own folder, admins can upload anywhere
match /vendors/{vendorId}/{allPaths=**} {
allow read: if true;
allow write: if request.auth != null &&
(request.auth.uid == vendorId ||
getUserRole() == 'admin');
}
// Hero images - admin only
match /hero-images/{allPaths=**} {
allow read: if true;
allow write: if request.auth != null && getUserRole() == 'admin';
}
// Profile images
match /profile-images/{userId}/{allPaths=**} {
allow read: if true;
allow write: if request.auth != null &&
(request.auth.uid == userId || getUserRole() == 'admin');
}
// Helper function to get user role
function getUserRole() {
return firestore.get(/databases/(default)/documents/users/$(request.auth.uid)).data.role;
}
}
}