Last active
December 31, 2016 03:01
-
-
Save DennisAlund/8944dcf485840d42c62fabc0dcb8072d to your computer and use it in GitHub Desktop.
An example of bolt file for the article: https://medium.com/evenbit/securing-your-firebase-app-part-1-5eb4dce4c852
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| path /messages/{message_id} is Timestamped<Message>; | |
| type Message { | |
| id: FirebaseId | |
| message_hash: Immutable<MD5Hash>, | |
| message: String, | |
| author: FirebaseId, | |
| create() { isSignedIn() } | |
| read() { isSignedIn() } | |
| update() { isCurrentUser(prior(this.author)) } | |
| delete() { isCurrentUser(prior(this.author)) } | |
| validate() { this.id === key() } | |
| } | |
| type Immutable<T> extends T { | |
| validate() { this === prior(this) || prior(this) === null } | |
| } | |
| type Timestamped<T> extends T { | |
| modified: CurrentTimestamp, | |
| created: InitialTimestamp | |
| } | |
| type FirebaseId extends String { | |
| validate() { this.length >= 20 && this.matches(/^[A-Za-z0-9\-_]+$/i) } | |
| } | |
| type TimeStamp extends Number { | |
| validate() { this >= 0 } | |
| } | |
| type CurrentTimestamp extends TimeStamp { | |
| validate() { this === now } | |
| } | |
| type InitialTimestamp extends TimeStamp { | |
| validate() { isInitialValue(this, now) } | |
| } | |
| type MD5Hash extends String { | |
| validate() { this.length === 32 && this.matches(/^[A-Za-z0-9]{32}$/i) } | |
| } | |
| isInitialValue(value, init) { value === (prior(value) === null ? init : prior(value)) } | |
| isCurrentUser(uid) { isSignedIn() && auth.uid === uid } | |
| isSignedIn() { auth !== null } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "rules": { | |
| "messages": { | |
| "$message_id": { | |
| ".validate": "newData.hasChildren(['id', 'message_hash', 'message', 'author', 'modified', 'created']) && newData.child('id').val() == $message_id", | |
| "id": { | |
| ".validate": "newData.isString() && newData.val().length >= 20 && newData.val().matches(/^[A-Za-z0-9\\-_]+$/i)" | |
| }, | |
| "message_hash": { | |
| ".validate": "newData.isString() && newData.val().length == 32 && newData.val().matches(/^[A-Za-z0-9]{32}$/i) && (newData.val() == data.val() || data.val() == null)" | |
| }, | |
| "message": { | |
| ".validate": "newData.isString()" | |
| }, | |
| "author": { | |
| ".validate": "newData.isString() && newData.val().length >= 20 && newData.val().matches(/^[A-Za-z0-9\\-_]+$/i)" | |
| }, | |
| "$other": { | |
| ".validate": "false" | |
| }, | |
| ".write": "data.val() == null && auth != null || data.val() != null && newData.val() != null && (auth != null && auth.uid == data.child('author').val()) || data.val() != null && newData.val() == null && (auth != null && auth.uid == data.child('author').val())", | |
| ".read": "auth != null", | |
| "modified": { | |
| ".validate": "newData.isNumber() && newData.val() >= 0 && newData.val() == now" | |
| }, | |
| "created": { | |
| ".validate": "newData.isNumber() && newData.val() >= 0 && newData.val() == (data.val() == null ? now : data.val())" | |
| } | |
| } | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment