-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathfirestore.rules
More file actions
39 lines (31 loc) · 1.28 KB
/
firestore.rules
File metadata and controls
39 lines (31 loc) · 1.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
// Helper function to check if a user is signed in
function isSignedIn() {
return request.auth != null;
}
// Helper function to check if the user is the owner of the document
function isOwner(userId) {
return isSignedIn() && request.auth.uid == userId;
}
// Users can only read/write their own profile
match /users/{userId} {
allow read, update, delete: if isOwner(userId);
allow create: if isSignedIn();
}
// Snippets rules
match /snippets/{snippetId} {
// Anyone can read a snippet if it's public
// The owner can read it even if it's private
allow get: if resource.data.isPublic == true || isOwner(resource.data.userId);
// Only authenticated users can query the snippets collection.
// Further filtering (e.g., for public snippets) should be done in the query itself.
allow list: if isSignedIn();
// An authenticated user can create a snippet, but only if they set themselves as the owner.
allow create: if isOwner(request.resource.data.userId);
// The owner can update or delete their own snippet.
allow update, delete: if isOwner(resource.data.userId);
}
}
}