Created
October 14, 2019 10:18
-
-
Save adityadroid/79216f9b8b7bbf83b5d349be2a74a930 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rules_version = '2'; | |
| service cloud.firestore { | |
| match /databases/{database}/documents { | |
| match /users/{document=**} { | |
| //Allow creating a new user to anyone who is authenticated | |
| allow create: if isSignedIn(); | |
| //Allow read if signed in | |
| allow read: if isSignedIn(); | |
| //Allow write if isSignedIn() cannot check for uid matching here because other users can also edit to add new contact. Will add validation to it later | |
| allow write: if isSignedIn(); | |
| // Allow update only if the uid matches (same user) | |
| allow update: if isSignedIn() && request.auth.uid == resource.data.uid; | |
| // Allow delete only if the uid matches (same user) | |
| allow delete: if isSignedIn() && request.auth.uid == resource.data.uid; | |
| } | |
| match /username_uid_map/{document=**} { | |
| allow create, read : if isSignedIn(); //Once a uid mapping is created it cannot be deleted or updated from the app | |
| } | |
| match /chats/{document=**} { | |
| //Allow users to only create and read chats. Delete and update not available right now | |
| allow create,read : if isSignedIn(); | |
| } | |
| } | |
| } | |
| function isSignedIn() { | |
| return request.auth.uid != null; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment