prohibited changing other peoples markets

2022-06-02 01:17:45 +02:00 · 2022-06-02 01:17:45 +02:00 · 6f9b707643
commit 6f9b707643
parent 4a1c8d52b7
1 changed files with 2 additions and 1 deletions
--- a/firestore.rules
+++ b/firestore.rules
@ -45,7 +45,8 @@ service cloud.firestore {
    match /contracts/{contractId} {
      allow read;
      allow update: if request.resource.data.diff(resource.data).affectedKeys()
-        .hasOnly(['description', 'closeTime', 'tags', 'lowercaseTags', 'autoResolutionTime']);
+        .hasOnly(['description', 'closeTime', 'tags', 'lowercaseTags', 'autoResolutionTime'])
+        && resource.data.id == request.auth.uid;
      allow update: if isAdmin();
    }