firestore.rules
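rules_version = '2';

// Access policy for the Firestore database. Every collection requires a
// signed-in caller; collections with no client-side writes say so explicitly
// instead of relying on the implicit default deny.
service cloud.firestore {
  match /databases/{database}/documents {

    // True when the request carries Firebase Authentication credentials.
    function isSignedIn() {
      return request.auth != null;
    }

    // True when an update leaves the fields shared by both restricted update
    // paths (citation, client_id, created_at, label, pages, pricing,
    // repository, repository_id) exactly as they are stored.
    function requestCoreFieldsUnchanged() {
      return request.resource.data.citation == resource.data.citation &&
        request.resource.data.client_id == resource.data.client_id &&
        request.resource.data.created_at == resource.data.created_at &&
        request.resource.data.label == resource.data.label &&
        request.resource.data.pages == resource.data.pages &&
        request.resource.data.pricing == resource.data.pricing &&
        request.resource.data.repository == resource.data.repository &&
        request.resource.data.repository_id == resource.data.repository_id;
    }

    // Decides whether the caller may update an existing /requests document.
    // The caller must be signed in and satisfy one of four alternatives:
    //   1. they are the client who owns the request;
    //   2. no vendor is assigned yet, the stored status is 'pending' or
    //      'reserved', and neither attachments nor the core fields change;
    //   3. they are the assigned vendor and the core fields do not change
    //      (attachments are not pinned in this alternative);
    //   4. they own the organization that the request's repository belongs to.
    //
    // The explicit isSignedIn() guard matters for alternative 2: it never
    // referenced request.auth, so on its own it did not require a signed-in
    // caller.
    function updateRequests() {
      return isSignedIn() && (
        // 1. Owning client. NOTE(review): no field is pinned on this path, so
        //    the client can also rewrite vendor_id, status and pricing.
        //    Confirm that is intended.
        resource.data.client_id == request.auth.uid ||
        // 2. Unassigned request. NOTE(review): the incoming vendor_id and
        //    status are not validated, so any signed-in user can assign an
        //    arbitrary vendor_id or status. Consider requiring
        //    request.resource.data.vendor_id == request.auth.uid.
        (
          resource.data.vendor_id == "" &&
          (resource.data.status == 'pending' || resource.data.status == 'reserved') &&
          request.resource.data.attachments == resource.data.attachments &&
          requestCoreFieldsUnchanged()
        ) ||
        // 3. Assigned vendor. NOTE(review): vendor_id itself is not pinned, so
        //    the vendor can hand the request to any other uid.
        (
          resource.data.vendor_id == request.auth.uid &&
          requestCoreFieldsUnchanged()
        ) ||
        // 4. Organization owner, resolved through two document lookups:
        //    request -> repository -> organization.
        get(/databases/$(database)/documents/organization/$(get(/databases/$(database)/documents/repositories/$(resource.data.repository_id)).data.organization)).data.owner == request.auth.uid
      );
    }

    // areas: readable by signed-in users, never writable from clients.
    match /areas/{area} {
      allow read: if isSignedIn();
      allow write: if false;
    }

    // feedback: write-only drop box; clients cannot read, change or remove entries.
    // NOTE(review): created documents are not validated (shape or size).
    match /feedback/{document} {
      allow create: if isSignedIn();
      allow read, update, delete: if false;
    }

    // repositories: readable by signed-in users, never writable from clients.
    match /repositories/{repository} {
      allow read: if isSignedIn();
      allow write: if false;
    }

    // requests
    // NOTE(review): every signed-in user can read every request, and create is
    // not tied to the caller. A request can be created with someone else's
    // client_id, or with vendor_id/pricing pre-filled. Consider requiring
    // request.resource.data.client_id == request.auth.uid on create and
    // narrowing read to the parties involved.
    match /requests/{document} {
      allow create, read: if isSignedIn();
      allow update: if updateRequests();
      allow delete: if isSignedIn() && resource.data.client_id == request.auth.uid;
    }

    // user-meta: each document is keyed by the owner's uid.
    // Create is restricted to the caller's own document, matching read/update.
    // Previously any signed-in user could create the document for any uid.
    match /user-meta/{userId} {
      allow create: if isSignedIn() && request.auth.uid == userId;
      allow read, update: if isSignedIn() && request.auth.uid == userId;
      allow delete: if false;
    }

    // suggestions: write-only drop box, same policy as feedback.
    // NOTE(review): created documents are not validated (shape or size).
    match /suggestRepo/{suggestion} {
      allow create: if isSignedIn();
      allow read, update, delete: if false;
    }

    // organizations: read-only for clients. Writes were already denied by
    // default because no rule allowed them; the deny is now explicit.
    match /organization/{document} {
      allow read: if isSignedIn();
      allow write: if false;
    }

    // organization-slugs: read-only for clients.
    match /organization-slugs/{slug} {
      allow read: if isSignedIn();
      allow write: if false;
    }

    // admin references: read-only for clients.
    // NOTE(review): every signed-in user can list the admins collection.
    // Confirm that exposing it is intended.
    match /admins/{admin} {
      allow read: if isSignedIn();
      allow write: if false;
    }
  }
}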