Auth for description/close time, unauth for tags

This commit is contained in:
Ian Philips 2022-06-02 11:23:25 -06:00
parent 31a0a378ef
commit 9b4974a3da

View File

@ -50,7 +50,9 @@ service cloud.firestore {
match /contracts/{contractId} {
allow read;
allow update: if request.resource.data.diff(resource.data).affectedKeys()
.hasOnly(['description', 'closeTime', 'tags', 'lowercaseTags'])
.hasOnly(['tags', 'lowercaseTags']);
allow update: if request.resource.data.diff(resource.data).affectedKeys()
.hasOnly(['description', 'closeTime'])
&& resource.data.creatorId == request.auth.uid;
allow update: if isAdmin();
}