Firebase storage rules - Unexpected 'userId'

Question

I'm trying to set a rule, in firebase for storage, where only the authenticated user can write his avatar image called avatar

This is firebase docs example:

// Grants a user access to a node matching their user ID
service firebase.storage {
  match /b/{bucket}/o {
    // Files look like: "user/<UID>/path/to/file.txt"
    match /user/{userId}/{allPaths=**} {
      allow read, write: if request.auth.uid == userId;
    }
  }
}

and these are my rules defined in storage.rules file:

service firebase.storage {
  match /b/{bucket}/o {
    match /{allPaths=**} {
      allow read, write: if request.auth != null;
    }

    match /images/{allPaths=**} {
      allow write: if request.resource.size < 5 * 1024 * 1024
                    && request.resource.contentType.matches("image/.*")
                    && request.resource.contentType == resource.contentType
    }

    match /images/user-{userId}/avatar.* {
      allow read;
      allow write: if request.auth.uid == userId;
    }
  }
}

When I deploy the error thrown is

[E] 13:25 - Unexpected 'userId'

I can't find anything else in the docs telling me how to defined this userId. The docs specify it and what am I doing wrong?

Could it be that wildcards are not allowed as partial matches, and only work as a full match at a location? So, not /images/user-{userId}, but instead /images/{userId} — Doug Stevenson
I think you meant to /images/user/{userId}/avatar not /images/user-{userId}/avatar , aren't you ? — Ali Faris

JuliaDias JuliaDias · Accepted Answer · 2018-01-25T14:16:16

Like both commenters said the syntax doesn't allow "folders" with -

So you must opt for a structure like

/images/user/{userId}

making the rule like:

match /images/user/{userId}/avatar.* {
  allow read;
  allow write: if request.auth.uid == userId;
}

Firebase storage rules - Unexpected 'userId'

1 Answers