This is my current code:
这是我当前的代码:
async newCollectionRequest({ commit }, data) {
try {
console.log(data);
const location = `/pending-images/${data.collectionName}/${data.image.name}`;
console.log(location);
const storage = getStorage();
const storageRef = ref(storage, location);
// 'file' comes from the Blob or File API
await uploadBytes(storageRef, data.image);
console.log('Uploaded a blob or file!');
return true;
} catch (error) {
throw error.message;
}
},
It seems to be working, but only in that I'm getting a 403 response when attempting to upload the image. I'm unsure why I'm getting a 403 in the first place though as I've implemented authentication on the app, and I've confirmed the user is logged in when trying to take this action. This is my firebase rule:
它似乎起作用了,但只是因为我在尝试上传图像时收到了403响应。我不确定为什么我一开始就得到了403,因为我已经在应用程序上实现了身份验证,并且我已经确认用户在尝试执行此操作时是登录的。这是我的火力基地规则:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth != null;
}
}
}
I'm not sure why this is resulting in a 403 error
我不确定这为什么会导致403错误
更多回答
Since you are writing an async
function, don't you want to await
the result of uploadBytes
instead of using then
?
由于您正在编写一个异步函数,难道您不想等待ploadBytes的结果而不是使用THEN吗?
honestly, i didn't think it mattered yet. this is technically a rough draft, i usually go back and correct for junk writing like that afterwards. will clean that up right away though
老实说,我当时觉得这无关紧要。从技术上讲,这是一个粗略的草稿,我通常会回去纠正这样的垃圾写作。会马上清理干净的
Using await will have a very different effect on this function than using then. Right now, your function will return true before the upload is complete.
使用AWait将对此函数产生与使用THEN非常不同的效果。现在,您的函数将在上传完成之前返回TRUE。
it didn't solve the 403, unfortunately. effectively it is the same behavior - except i see now what you mean. you're totally right about that bug, i hadn't noticed it yet since the function's return isn't hooked up to anything yet
不幸的是,它并没有解决403的问题。实际上,这是同样的行为--除了我现在明白你的意思了。你对那个错误的看法完全正确,我还没有注意到它,因为函数的返回还没有与任何东西挂钩
优秀答案推荐
You have posted a firestore.rules
file. You are using Firebase storage. You must create a storage.rules
file in the root of your Firebase project (the same place you have your firestore.rules
file) and add something like:
您已经发布了一个FireStore.rules文件。您正在使用Firebase存储。您必须在Firebase项目的根目录中创建storage.ruls文件(与您的Firestore.rules文件位于同一位置),并添加类似以下内容的内容:
rules_version = '2';
service firebase.storage {
match /b/{bucket}/o {
match /{allPaths=**} {
allow read, write: if request.auth != null;
}
}
}
This will grant full read/write access to any authenticated user. You can read more about storage rules here.
这将向任何经过身份验证的用户授予完全读/写访问权限。您可以在这里阅读更多关于存储规则的信息。
更多回答
I might need a bit of hand holding to figure this out. I'm using the cloud.firestore part for authentication. When i remove that, the auth stops working. So i tried adding the firebase.storage rule in addition to the cloud.firestore rule, and while that got the auth working, i'm still getting a 403 response despite those rules being present now. what am I doing wrong here?
我可能需要一点牵手来弄清楚这件事。我正在使用Cloud.Firestore部分进行身份验证。当我删除它时,身份验证停止工作。因此,我尝试在添加Cloud.Firestore规则的基础上添加Firebase.store规则,虽然这样做可以使身份验证正常工作,但尽管现在存在这些规则,我仍然得到了403响应。我到底做错了什么?
Your authentication will work independently of any of these files. Then there is a firestore.rules file that guards access to firestore, storage.rules to guard access to storage, database.rules for realtime database. You likely want a firestore.rules file AND a storage.rules file. If you're using the emulator, these files will be loaded locally. If you are testing live, you'll need to do a firebase deploy
or update the rules in the web console.
您的身份验证将独立于任何这些文件工作。然后是一个FireStore.rules文件,用于保护对Firestore、storage.ruls的访问。用于保护对存储、数据库的访问的规则。用于实时数据库的规则。您可能需要一个firestore.rules文件和一个storage.rules文件。如果您使用的是模拟器,则这些文件将在本地加载。如果您正在测试LIVE,您将需要进行Firebase部署或在Web控制台中更新规则。
I'm using the web console. I just pasted both in, but that appears to be the incorrect approach. I don't see what would be correct either. I was mistaken earlier though, it wasn't giving me the same 403 error, it was failing the post for a cors error, so maybe there is progress? I'm not sure. It seems like there may be multiple things wrong with my set up currently.
我正在使用网络控制台。我刚刚把这两个都粘贴进去了,但这似乎是不正确的方法。我也看不出什么是正确的。我之前弄错了,它没有给我同样的403错误,它是因为CORS错误而没有通过POST,所以可能有进展?我没有把握。看起来我的设置现在可能有很多问题。
aha! So what was wrong with my account was that I hadn't activated Storage yet. I didn't understand that the files that you're referring to have equivalents on the web interface, and those products have to each be individually activated before you can use them. I totally didn't understand that part, but once I figured it out, everything started working. This is absolutely the correct answer, thank you so much!
啊哈!因此,我的帐户的问题是我还没有激活存储。我不明白你所指的文件在Web界面上有等价物,而这些产品必须分别激活才能使用。我完全不理解这一点,但一旦我弄明白了,一切都开始正常工作。这绝对是正确的答案,非常感谢!
我是一名优秀的程序员,十分优秀!