firestore.rules
/**
 * @fileoverview Firestore Security Rules for Deadlock Defender Scenarios.
 *
 * Core Philosophy:
 * This ruleset prioritizes ease of use for development and testing.
 * The `scenarios` collection is configured for public read and write access to facilitate rapid prototyping and scenario seeding without authentication barriers.
 * This is acceptable for development and testing, but NOT for production due to security risks.
 *
 * Data Structure:
 * Scenarios are stored in the top-level `/scenarios/{scenarioId}` collection.
 *
 * Key Security Decisions:
 * - Public Read/Write Access: The `/scenarios/{scenarioId}` collection allows unrestricted access for both reading and writing data, which is insecure for production environments.
 * - No Authentication Required: All users, including unauthenticated ones, can freely access and modify scenario data.
 *
 * Denormalization for Authorization: N/A (authorization is completely open)
 * Structural Segregation: N/A (only one collection with public access)
 */
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    /**
     * @description Allows any user to read and write scenario documents.
     * @path /databases/{database}/documents/scenarios/{scenarioId}
     * @allow (read, write) - Any user can read or write any scenario document.
     * @deny (none) - There are no restrictions on reads or writes.
     * @principle Public access for prototyping. INSECURE FOR PRODUCTION.
     */
    match /scenarios/{scenarioId} {
      allow get, list: if true;
      allow create, update, delete: if true;
    }
  }
}
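
For comparison with the open prototype rules above, here is a locked-down counterpart for the same `/scenarios/{scenarioId}` collection. This is an added example, not part of the repository; the `admin` custom claim, the helper function names and the list limit of 50 are assumptions.

```firestore-rules
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    // True when the request carries a verified Firebase Authentication token.
    function signedIn() {
      return request.auth != null;
    }

    // ASSUMPTION: accounts allowed to seed scenarios carry a custom claim
    // `admin: true`, set server-side with the Admin SDK. The original
    // ruleset defines no such claim; the name is hypothetical.
    function isAdmin() {
      return signedIn() && request.auth.token.admin == true;
    }

    match /scenarios/{scenarioId} {
      // Single-document reads: any signed-in user.
      allow get: if signedIn();

      // Collection queries: signed-in users only, and the query must ask
      // for a bounded page (the cap of 50 is an assumed value) so one
      // client cannot dump the whole collection in a single request.
      allow list: if signedIn() && request.query.limit <= 50;

      // Writes: restricted to admins, replacing the prototype's `if true`.
      allow create, update, delete: if isAdmin();
    }

    // No other match blocks: Firestore denies any path that no rule allows.
  }
}
```

Seeding that the prototype did through unauthenticated client writes can instead run through the Admin SDK, which bypasses security rules.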