From e7ef6134b5a3f85330c5d9285ddbd474fd4dcbd9 Mon Sep 17 00:00:00 2001 From: Austin Chen Date: Mon, 24 Jan 2022 00:45:46 -0600 Subject: [PATCH] Allow admins to see private-users info --- .firebaserc | 2 +- firebase.json | 6 +++++- firestore.rules | 10 +++++++++- 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/.firebaserc b/.firebaserc index 0e191214..3f127a9a 100644 --- a/.firebaserc +++ b/.firebaserc @@ -4,4 +4,4 @@ "prod": "mantic-markets", "dev": "dev-mantic-markets" } -} \ No newline at end of file +} diff --git a/firebase.json b/firebase.json index 29b08290..988e04a4 100644 --- a/firebase.json +++ b/firebase.json @@ -1,6 +1,10 @@ { "functions": { "predeploy": "npm --prefix \"$RESOURCE_DIR\" run build", - "runtime": "nodejs12" + "runtime": "nodejs12", + "source": "functions" + }, + "firestore": { + "rules": "firestore.rules" } } diff --git a/firestore.rules b/firestore.rules index 2091eb0c..7d24cf66 100644 --- a/firestore.rules +++ b/firestore.rules @@ -1,14 +1,22 @@ rules_version = '2'; +// To deploy: `firebase deploy --only firestore:rules` service cloud.firestore { match /databases/{database}/documents { + function isAdmin() { + return request.auth.uid == 'igi2zGXsfxYPgB0DJTXVJVmwCOr2' // Austin + || request.auth.uid == '5LZ4LgYuySdL1huCWe7bti02ghx2' // James + || request.auth.uid == 'tlmGNz9kjXc2EteizMORes4qvWl2' // Stephen + || request.auth.uid == 'IPTOzEqrpkWmEzh6hwvAyY9PqFb2' // Manifold + } + match /users/{userId} { allow read; } match /private-users/{userId} { - allow read: if resource.data.creatorId == request.auth.uid; + allow read: if resource.data.creatorId == request.auth.uid || isAdmin(); } match /contracts/{contractId} {