Update firestore rules
This commit is contained in:
parent
57f59ebfc4
commit
0c2e6d966c
|
@ -173,19 +173,15 @@ service cloud.firestore {
|
||||||
allow update: if (request.auth.uid == resource.data.creatorId || isAdmin())
|
allow update: if (request.auth.uid == resource.data.creatorId || isAdmin())
|
||||||
&& request.resource.data.diff(resource.data)
|
&& request.resource.data.diff(resource.data)
|
||||||
.affectedKeys()
|
.affectedKeys()
|
||||||
.hasOnly(['name', 'about', 'contractIds', 'memberIds', 'anyoneCanJoin', 'aboutPostId' ]);
|
.hasOnly(['name', 'about', 'anyoneCanJoin', 'aboutPostId' ]);
|
||||||
//allow update: if (request.auth.uid in resource.data.memberIds || resource.data.anyoneCanJoin)
|
|
||||||
// && request.resource.data.diff(resource.data)
|
|
||||||
// .affectedKeys()
|
|
||||||
// .hasOnly([ 'contractIds', 'memberIds' ]);
|
|
||||||
allow delete: if request.auth.uid == resource.data.creatorId;
|
allow delete: if request.auth.uid == resource.data.creatorId;
|
||||||
|
|
||||||
match /groupContracts/{contractId} {
|
match /groupContracts/{contractId} {
|
||||||
allow write: if isGroupMember();
|
allow write: if isGroupMember() || if request.auth.uid == resource.data.creatorId;
|
||||||
}
|
}
|
||||||
|
|
||||||
match /groupMembers/{memberId}{
|
match /groupMembers/{memberId}{
|
||||||
allow create: if request.auth.uid == request.resource.data.userId && get(/databases/$(database)/documents/groups/$(groupId)).data.anyoneCanJoin;
|
allow create: if request.auth.uid == resource.data.creatorId || (if request.auth.uid == request.resource.data.userId && get(/databases/$(database)/documents/groups/$(groupId)).data.anyoneCanJoin);
|
||||||
allow delete: if request.auth.uid == resource.data.userId;
|
allow delete: if request.auth.uid == resource.data.userId;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user