-
Notifications
You must be signed in to change notification settings - Fork 0
/
firestore.rules
40 lines (34 loc) · 1.44 KB
/
firestore.rules
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
// Allow read/write access on user specific document
// Or, read/write access to any if administrator
service cloud.firestore {
match /databases/{database}/documents {
match /users/{uid} {
function fieldsAreValidTypes(docData) {
return docData.name is map &&
docData.name.first is string &&
docData.get('name.middle', '') is string &&
docData.name.last is string &&
docData.address is string &&
docData.get('unit', '') is string &&
docData.birthday is string &&
docData.phone is string &&
docData.sin is string ;
}
// Allow write: if request.auth != null && request.auth.token.email == "admin@admin.com"
// Dont allow any client writing whatsoever
allow write, update: if false;
allow read: if request.auth != null;
// Allow the user to update their info
// EXCEPT the display ID
//allow update: if (request.auth != null) &&
//(request.resource.data.diff(resource.data).affectedKeys()
// .hasOnly(['name', 'birthday', 'address', 'unit', 'email', 'phone', 'sin', 'registered_courses'])) &&
//(!request.resource.data.diff(resource.data).affectedKeys()
// .hasAny(['display_id']));
}
match /training_courses/{document=**} {
allow read: if request.auth != null;
allow write, update, delete: if false;
}
}
}