I'm writing Firebase Storage security rules to ensure that only the user who created a specific order can access the associated files. However, when I deploy the rules using firebase deploy --only storage, I encounter the following error:
Invalid function name: get.
rules_version = '2';
service firebase.storage {
match /b/{bucket}/o {
match /orders/{orderId}/{folder}/{fileName} {
function isUserAssociatedWithOrder() {
return request.auth != null &&
get(/databases/(default)/documents/ordersPublic/$(orderId)).data.customerUid == request.auth.uid
}
// Read and upload only if user is part of the order
allow read, write: if isUserAssociatedWithOrder(orderId);
// Explicitly disallow update/delete
allow update, delete: if false;
}
}
}
I've followed the answer on this question by placing the function that uses get() within the match block, but the error still persists. I haven't seen this exact error anywhere else here, so I thought I would ask.
How do I fix this error?
Since your writing rules for Firebase Storage, you need to use firestore.get() instead of just get().
Example from Firebase Storage docs:
service firebase.storage {
match /b/{bucket}/o {
match /users/{club}/files/{fileId} {
allow read: if club in
firestore.get(/databases/(default)/documents/users/$(request.auth.id)).memberships
}
}
}