From 6f9b7076435adbeca97d8bc8ec6df0ae209f4a48 Mon Sep 17 00:00:00 2001
From: Milli <onethenumbernottheword@gmail.com>
Date: Thu, 2 Jun 2022 01:17:45 +0200
Subject: [PATCH] prohibited changing other peoples markets

---
 firestore.rules | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/firestore.rules b/firestore.rules
index 2a0f84c8..ecc48ccf 100644
--- a/firestore.rules
+++ b/firestore.rules
@@ -45,7 +45,8 @@ service cloud.firestore {
     match /contracts/{contractId} {
       allow read;
       allow update: if request.resource.data.diff(resource.data).affectedKeys()
-        .hasOnly(['description', 'closeTime', 'tags', 'lowercaseTags', 'autoResolutionTime']);
+        .hasOnly(['description', 'closeTime', 'tags', 'lowercaseTags', 'autoResolutionTime'])
+        && resource.data.id == request.auth.uid;
       allow update: if isAdmin();
     }