This question has been asked before, but none of the other solutions work for me.

READ with the security rules below works just fine.

WRITE with the security rules below results in an error.

Dart

SettableMetadata meta = SettableMetadata(
  customMetadata: {
    'selfUid': '123', // <-- HARD CODED FOR TESTING
    'partnerUid': partnerUid,
  },
);

print(meta.customMetadata);

// {selfUid: 123, partnerUid: XXXXXX}

print(ref.fullPath);

// messages/afd6947a-3fe1-4fbd-9a45-e16ab55c6a8d

await ref.putData(Uint8List.fromList(medium), meta);

Rules

rules_version = '2';
service firebase.storage {
  match /b/{bucket}/o {

    match /messages/{messageUid}/{allPaths=**} {
      allow write: if request.auth.uid != null &&
        request.resource.metadata.selfUid == '123'; // HARD CODED FOR TESTING

      allow read: if request.auth.uid != null
        && (request.auth.uid == resource.metadata.selfUid
        || request.auth.uid == resource.metadata.partnerUid);
    }
  }
}

Error

firebase_storage
unauthorized
User is not authorized to perform the desired action.

Question

If I remove this from the security rules, I can WRITE a file to storage:

request.resource.metadata.selfUid == '123'

This should be straightforward, but I don’t see what I am doing wrong.
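
For reference, the non-test form that the hard-coded rule stands in for, as an added example that is not part of the original post: customMetadata is set by the uploading client, so the write rule pins selfUid to request.auth.uid and the read rule can then rely on the stored values. The signedIn helper and the partnerUid checks are assumptions introduced for illustration.

```firebase-rules
rules_version = '2';
service firebase.storage {
  match /b/{bucket}/o {
    // Hypothetical helper: true only for an authenticated caller.
    function signedIn() {
      return request.auth != null;
    }

    match /messages/{messageUid}/{allPaths=**} {
      // request.resource is the object being uploaded. Its custom metadata
      // is chosen by the client, so selfUid is compared with the
      // authenticated uid instead of being trusted as sent.
      // request.resource is null on delete, so this rule, like the
      // original, does not grant deletes.
      allow write: if signedIn()
        && request.resource.metadata.selfUid == request.auth.uid
        && request.resource.metadata.partnerUid is string
        && request.resource.metadata.partnerUid != request.auth.uid;

      // resource is the stored object. Only the two uids recorded at
      // upload time may read it.
      allow read: if signedIn()
        && (request.auth.uid == resource.metadata.selfUid
        || request.auth.uid == resource.metadata.partnerUid);
    }
  }
}
```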