open.source/manifold
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update firestore rules

Browse Source
This commit is contained in:
Ian Philips 2022-09-02 16:38:14 -06:00
parent 57f59ebfc4
commit 0c2e6d966c
1 changed files with 3 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
firestore.rules
View File

@ -173,19 +173,15 @@ service cloud.firestore {
allow update: if (request.auth.uid == resource.data.creatorId || isAdmin())
&& request.resource.data.diff(resource.data)
.affectedKeys()
.hasOnly(['name', 'about', 'contractIds', 'memberIds', 'anyoneCanJoin', 'aboutPostId' ]);
//allow update: if (request.auth.uid in resource.data.memberIds || resource.data.anyoneCanJoin)
// && request.resource.data.diff(resource.data)
// .affectedKeys()
// .hasOnly([ 'contractIds', 'memberIds' ]);
.hasOnly(['name', 'about', 'anyoneCanJoin', 'aboutPostId' ]);
allow delete: if request.auth.uid == resource.data.creatorId;
match /groupContracts/{contractId} {
allow write: if isGroupMember();
allow write: if isGroupMember() || if request.auth.uid == resource.data.creatorId;
}
match /groupMembers/{memberId}{
allow create: if request.auth.uid == request.resource.data.userId && get(/databases/$(database)/documents/groups/$(groupId)).data.anyoneCanJoin;
allow create: if request.auth.uid == resource.data.creatorId || (if request.auth.uid == request.resource.data.userId && get(/databases/$(database)/documents/groups/$(groupId)).data.anyoneCanJoin);
allow delete: if request.auth.uid == resource.data.userId;
}