Accordingly to this section in the official docs, these security rules:
service firebase.storage {
match b/{bucket}/o {
// Matches any filename containing string '/images/'.
match /images/{imageId} {
allow read, write: if false;
}
// Matches all filenames containing string `/images/`
match /images/{imageId=**} {
allow read, write: if true;
}
}
}
All reads and writes to files with the string /images/ anywhere in their filename will be allowed because the second rule is always true, even though the first rule is always false.
I understand the naming conventions to emulate a file system and the overlapping stuff... but, does that "anywhere" mean these permissions apply to filenames like /foo/bar/images/profilePicture.png
? (Just asking because it is strange to me, I supposed rules won't apply to files with another prefix, just supposed they must start with images
)
CodePudding user response:
That actually looks like a mistake in that sample. As far as I know the first match /images/{imageId}
matches file that are immediately under the images
filter, while the second match /images/{imageId=**}
also matches files that are in deeper nested folders under /images
.