open.source/manifold
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update firestore rules

Browse Source
This commit is contained in:
Ian Philips 2022-09-02 16:38:14 -06:00
parent 57f59ebfc4
commit 0c2e6d966c
1 changed files with 3 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
firestore.rules
View File

@ -173,19 +173,15 @@ service cloud.firestore {
allow update: if (request.auth.uid == resource.data.creatorId || isAdmin()) allow update: if (request.auth.uid == resource.data.creatorId || isAdmin())
&& request.resource.data.diff(resource.data) && request.resource.data.diff(resource.data)
.affectedKeys() .affectedKeys()
.hasOnly(['name', 'about', 'contractIds', 'memberIds', 'anyoneCanJoin', 'aboutPostId' ]); .hasOnly(['name', 'about', 'anyoneCanJoin', 'aboutPostId' ]);
//allow update: if (request.auth.uid in resource.data.memberIds || resource.data.anyoneCanJoin)
// && request.resource.data.diff(resource.data)
// .affectedKeys()
// .hasOnly([ 'contractIds', 'memberIds' ]);
allow delete: if request.auth.uid == resource.data.creatorId; allow delete: if request.auth.uid == resource.data.creatorId;
match /groupContracts/{contractId} { match /groupContracts/{contractId} {
allow write: if isGroupMember(); allow write: if isGroupMember() || if request.auth.uid == resource.data.creatorId;
} }
match /groupMembers/{memberId}{ match /groupMembers/{memberId}{
allow create: if request.auth.uid == request.resource.data.userId && get(/databases/$(database)/documents/groups/$(groupId)).data.anyoneCanJoin; allow create: if request.auth.uid == resource.data.creatorId || (if request.auth.uid == request.resource.data.userId && get(/databases/$(database)/documents/groups/$(groupId)).data.anyoneCanJoin);
allow delete: if request.auth.uid == resource.data.userId; allow delete: if request.auth.uid == resource.data.userId;
} }