Firebase 存储规则“未经授权”

Question

这些是我的存储规则：

rules_version = '2';
service firebase.storage {
  match /b/{bucket}/o {
    match /auction-images/{auctionId} {
      allow read;
      allow write: if request.auth != null && request.resource.size < 1 * 1024 * 1024
                   && request.resource.contentType.matches('image/.*');

    }
  }
}

如您所见，我想允许来自auction-images/{auctionId} 的所有读取。当我尝试运行模拟器时，它按预期工作。

但是，当我启动我的应用程序并尝试加载图像时，它会打印以下错误：

code: "storage/unauthorized"
code_: "storage/unauthorized"
message: "Firebase Storage: User does not have permission to access 'auction-images/NVOi2jGlfDA5huPUzjSA'."
message_: "Firebase Storage: User does not have permission to access 'auction-images/NVOi2jGlfDA5huPUzjSA'."
name: "FirebaseError"
name_: "FirebaseError"
serverResponse: "{↵  "error": {↵    "code": 403,↵    "message": "Permission denied. Could not perform this operation"↵  }↵}"
serverResponse_: "{↵  "error": {↵    "code": 403,↵    "message": "Permission denied. Could not perform this operation"↵  }↵}"

即使我发布了对规则的更改，它们似乎也没有生效。我错过了什么？

这是给我一个错误的代码：

this.firestorage.storage.ref(`auction-images/${this.recentAuctions[0].uuid}`).list().then(res => {
    console.log(res)
  })
  .catch(err => {
    console.log(err);
  });

Answer 1

原来我的规则是错误的。我将它们更新为：

rules_version = '2';
service firebase.storage {
  match /b/{bucket}/o {
    match /auction-images/{auctionId}/{image} {
      allow read;
      allow write: if request.auth != null && request.resource.size < 1 * 1024 * 1024
                   && request.resource.contentType.matches('image/.*');
    }
  }
}

我认为match /auction-images/{auctionId} 可以为整个文件夹编写规则，但我必须添加/{image} 才能将规则应用于里面的图像。