a3663d03e8
* Added radio buttons to market creation (non functional) * Ignoring vs code files Should this be done in the repo or should everyone using VS Code do that himself globally on his machine(s)? * Removed 'automatic' resolution * added union type for resolution * revert: resolution could be anything here (non binary markets) * Expanded ChoicesToggleGroup for string choices * Added combined resolution and required buttons to market creation * restricted automatic resolution to binary markets * added automatic resolution to contract * added automatic resolution to contract overview * string or number array to mixed array * created const for resolutions * Added comments for leading semicolons * configuration of auto resolution on market creation * v1.22.19 * v1.0.0 * v0.0.0 * v1.0.0 * v1.22.19 * Mock display automatic resolution * Revert changes to market creation * Revert "v1.22.19" This reverts commit22f59adc9c. * Removed resolutiontype from contract creation * Added auto resolution time to contract * Auto resolution date editable * refactoring * Editable interface for auto resolution * New edit interface for auto resolution * Setting of auto resolve date when changing close date * prohibited changing other peoples markets * removed unnecessary export * refactoring (cherry picked from commit4de86d5b08) * Added comments for leading semicolons (cherry picked from commit60739c7853) * Ignoring vs code files Should this be done in the repo or should everyone using VS Code do that himself globally on his machine(s)? (cherry picked from commit944de9398a) * removed unused imports and variables * added type for binary resolution * Prettier * const for binary resolutions * using the type "resolution" * Prettier * Re-added comment * Update functions/src/create-contract.ts * Revert "Ignoring vs code files" This reverts commit09aea5c207. * launch config for debugging with vs code WIP * "Launch Chrome" does not work since login via google is not possible in debugger-chrome * Breakpoints are unbound when attached to chrome * Revert "Added comments for leading semicolons" * prettier * linebreak crlf * vscode settings * correct linebreaks * search exclusion * automatic prettifier * vscode settings * correct linebreaks * search exclusion * automatic prettifier * Working debugger config * fix merge * Removed comments, default resolution MKT * removed vscode from gitignore * refactoring description update * Added auto resolution to LiteMarket * fix date, setDate mutates object * fixed firestore.rules * script to add auto resolution to all markets * regularely auto resolve markets * fix description error * moved calculate ts for access in firebase * Revert "moved calculate ts for access in firebase" This reverts commit8380bf4f72. * fix reference to calculate for firebase * fixed references to time * renamed function * added description * added auto resolution to description * direct bool check instead of != null * direct bool check instead of != undefined * remove explicit type * Fix free response markets * removed contract from functionname * interval set to 1h * query instead of filter * folds ~> contracts * query instead of filter * promise.all instead of foreach * removed contractDoc from function header * removed autoResolution from function header * batchedWaitAll instead of promise.all * removed unused parameter * replaced auto resolution with constant * suggestions from PR * fix comment * removed unused imports * added scripts to add close dates on prod * optimization * removed test script * security: only auto resolve markets which are closed * consistency checks * re-added type check for binary markets * moved check of probability into switch case block * removed unused import * auto resolution every minute * auto resolution time optional * pr fixes
116 lines
4.2 KiB
Plaintext
116 lines
4.2 KiB
Plaintext
rules_version = '2';
|
|
|
|
// To pick the right project: `firebase projects:list`, then `firebase use <project-name>`
|
|
// To deploy: `firebase deploy --only firestore:rules`
|
|
service cloud.firestore {
|
|
match /databases/{database}/documents {
|
|
|
|
function isAdmin() {
|
|
return request.auth.uid == 'igi2zGXsfxYPgB0DJTXVJVmwCOr2' // Austin
|
|
|| request.auth.uid == '5LZ4LgYuySdL1huCWe7bti02ghx2' // James
|
|
|| request.auth.uid == 'tlmGNz9kjXc2EteizMORes4qvWl2' // Stephen
|
|
|| request.auth.uid == 'IPTOzEqrpkWmEzh6hwvAyY9PqFb2' // Manifold
|
|
}
|
|
|
|
match /users/{userId} {
|
|
allow read;
|
|
allow update: if resource.data.id == request.auth.uid
|
|
&& request.resource.data.diff(resource.data).affectedKeys()
|
|
.hasOnly(['bio', 'bannerUrl', 'website', 'twitterHandle', 'discordHandle', 'followedCategories']);
|
|
}
|
|
|
|
match /users/{userId}/follows/{followUserId} {
|
|
allow read;
|
|
allow write: if request.auth.uid == userId;
|
|
}
|
|
|
|
match /{somePath=**}/follows/{followUserId} {
|
|
allow read;
|
|
}
|
|
|
|
match /private-users/{userId} {
|
|
allow read: if resource.data.id == request.auth.uid || isAdmin();
|
|
allow update: if (resource.data.id == request.auth.uid || isAdmin())
|
|
&& request.resource.data.diff(resource.data).affectedKeys()
|
|
.hasOnly(['apiKey', 'unsubscribedFromResolutionEmails', 'unsubscribedFromCommentEmails', 'unsubscribedFromAnswerEmails', 'notificationPreferences' ]);
|
|
}
|
|
|
|
match /private-users/{userId}/views/{viewId} {
|
|
allow create: if userId == request.auth.uid;
|
|
}
|
|
|
|
match /private-users/{userId}/events/{eventId} {
|
|
allow create: if userId == request.auth.uid;
|
|
}
|
|
|
|
match /private-users/{userId}/latency/{loadTimeId} {
|
|
allow create: if userId == request.auth.uid;
|
|
}
|
|
|
|
match /private-users/{userId}/cache/{docId} {
|
|
allow read: if userId == request.auth.uid || isAdmin();
|
|
}
|
|
|
|
match /contracts/{contractId} {
|
|
allow read;
|
|
allow update: if request.resource.data.diff(resource.data).affectedKeys()
|
|
.hasOnly(['tags', 'lowercaseTags']);
|
|
allow update: if request.resource.data.diff(resource.data).affectedKeys()
|
|
.hasOnly(['description', 'closeTime', 'autoResolutionTime'])
|
|
&& resource.data.creatorId == request.auth.uid;
|
|
allow update: if isAdmin();
|
|
}
|
|
|
|
match /{somePath=**}/bets/{betId} {
|
|
allow read;
|
|
}
|
|
|
|
match /{somePath=**}/liquidity/{liquidityId} {
|
|
allow read;
|
|
}
|
|
|
|
function commentMatchesUser(userId, comment) {
|
|
// it's a bad look if someone can impersonate other ids/names/avatars so check everything
|
|
let user = get(/databases/$(database)/documents/users/$(userId));
|
|
return comment.userId == userId
|
|
&& comment.userName == user.data.name
|
|
&& comment.userUsername == user.data.username
|
|
&& comment.userAvatarUrl == user.data.avatarUrl;
|
|
}
|
|
|
|
match /{somePath=**}/comments/{commentId} {
|
|
allow read;
|
|
allow create: if request.auth != null && commentMatchesUser(request.auth.uid, request.resource.data);
|
|
}
|
|
|
|
match /{somePath=**}/answers/{answerId} {
|
|
allow read;
|
|
}
|
|
|
|
match /folds/{foldId} {
|
|
allow read;
|
|
allow update: if request.auth.uid == resource.data.curatorId
|
|
&& request.resource.data.diff(resource.data).affectedKeys()
|
|
.hasOnly(['name', 'about', 'tags', 'lowercaseTags']);
|
|
allow delete: if request.auth.uid == resource.data.curatorId;
|
|
}
|
|
|
|
match /{somePath=**}/followers/{userId} {
|
|
allow read;
|
|
allow create, update: if request.auth.uid == userId && request.resource.data.userId == userId;
|
|
allow delete: if request.auth.uid == userId;
|
|
}
|
|
|
|
match /txns/{txnId} {
|
|
allow read;
|
|
}
|
|
|
|
match /users/{userId}/notifications/{notificationId} {
|
|
allow read;
|
|
allow update: if resource.data.userId == request.auth.uid
|
|
&& request.resource.data.diff(resource.data).affectedKeys()
|
|
.hasOnly(['isSeen', 'viewTime']);
|
|
}
|
|
}
|
|
}
|