Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

getDownloadURL function fails in emulator mode if storage rules are not allowed #8070

Closed
cabljac opened this issue Dec 17, 2024 · 1 comment
Closed

getDownloadURL function fails in emulator mode if storage rules are not allowed #8070

cabljac opened this issue Dec 17, 2024 · 1 comment
Labels
emulators: functions emulators: storage type: bug

Comments

@cabljac
Copy link

cabljac commented Dec 17, 2024

Reposting this issue from firebase-functions firebase/firebase-functions#1547 as it seems to be an issue with the storage emulator rather than the functions SDK. Feel free to close and correct me if i'm mistaken here.

[REQUIRED] Environment info

firebase-tools: firebase-tools: 13.3.1
node: v20.10.0
firebase-admin: 12.0.0

[REQUIRED] Test case

index.ts

import {initializeApp} from "firebase-admin/app";
import {getDownloadURL, getStorage} from "firebase-admin/storage";
import {onRequest} from "firebase-functions/v2/https";
initializeApp();

export const uploadFile = onRequest(async (_req, res) => {
  // Create a CSV string
  const csvData = "Name,Email,Balance";

  // Create a new file in the bucket
  const bucket = getStorage().bucket();
  const file = bucket.file("csvs/temp.csv");

  // Write the csv data to the file
  await file.save(csvData, {
    metadata: {
      contentType: "text/csv",
    },
  });

  // Get the download url
  const downloadUrl = await getDownloadURL(file);

  res.send(`Download URL: ${downloadUrl}`);
});

With rules:

rules_version = '2';
service firebase.storage {
  match /b/{bucket}/o {
    match /{allPaths=**} {
      allow read, write: if false;
    }
  }
}

[REQUIRED] Steps to reproduce

  1. Create a new firebase cloud functions project with typescript and storage emulator
  2. Copy the above provided sample codes in functions/src/index.ts and storage.rules respectively.
  3. Run firebase emulators:start
  4. Send request to the uploadFile function using postman or whatever
  5. See error / crash
  6. Now update storage.rules to allow all paths (i.e. allow read, write: if true;)
  7. Repeat step 4
  8. See a download url is sent

[REQUIRED] Expected behavior

As cloud functions don't rely on and basically bypass the firestore.rules, database.rules and storage.rules, a download url should be fetched no matter what the storage.rules are set to.

[REQUIRED] Actual behavior

functions: Error: Permission denied. No READ permission.
@cabljac cabljac mentioned this issue Dec 17, 2024
Closed
@aalej
Copy link
Contributor

aalej commented Dec 17, 2024

Thanks for the detailed report @cabljac! Looking though the information provided, I think this is a similar issue to #7946. That said, I'm going to go ahead and close this as a duplicate, but please let me know if you think this is different issue and needs to be reopened.

@aalej aalej closed this as not planned Won't fix, can't repro, duplicate, stale Dec 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
emulators: functions emulators: storage type: bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cabljac @aalej