Is there a way to upload an image to Firebase Storage based on Firestore values?

0
votes

I thought this would be simple with Firebase but I have not found a solution to this yet:

I have an Admins collection in my Firestore database and basically want to limit my Images folder in Firebase storage so only Admins can add new images. The security rules do not allow me to do an "if userID is in database then allow create".

Does anyone know how to achieve this functionality? From looking at other questions it looks like a Function may be able to do this however I could not find a working solution on how to upload an image using a function let alone limit it based on database data.

1
firebasegoogle-cloud-firestoregoogle-cloud-functions
It is currently not possible to use Cloud Firestore documents in Cloud Storage security rules, but you can use the workaround Michael gave in order to mirror admin status into the custom claims of the Firebase Auth account.Doug Stevenson
Thank you for confirming Doug!Tech

1 Answers

2
votes

Something I've done for a similar case is use a Cloud Function to sync admin status to Firebase Auth custom claims. A simplified version might look something like:

exports.setAdminClaim = functions.firestore.document('admins/{uid}').onWrite(change => {
  if (change.after.exists) {
    return admin.auth().setCustomUserClaims(change.after.id, {admin: true});
  }

  return admin.auth().setCustomUserClaims(change.after.id, {admin: false});
});

This allows you to then use the custom claim in your Storage rules:

allow write: if request.auth.token.admin == true