firestore.rules
rules_version = '2';

// Firestore access rules for posts, residents (with nested reports) and stats.
// Authorization relies on two custom claims on the caller's ID token, `admin`
// and `psy`. Anything not explicitly allowed below is denied.
// NOTE(review): the claims are presumably assigned by trusted backend code;
// confirm no client-reachable path can grant them.
service cloud.firestore {
  match /databases/{database}/documents {

    // True for any authenticated caller.
    function isSignedIn() {
      return request.auth != null;
    }

    // Authenticated caller whose token carries admin == true.
    function isAdmin() {
      return isSignedIn() && request.auth.token.admin == true;
    }

    // Authenticated caller whose token carries psy == true.
    function isPsy() {
      return isSignedIn() && request.auth.token.psy == true;
    }

    // Recursive wildcard: admins may read every document in the database.
    // Allow statements are OR-ed across matching blocks, so this grant also
    // applies to residents, reports and stats regardless of their own rules.
    match /{document=**} {
      allow read: if isAdmin();
    }

    match /posts/{post} {
      // Schema check for an incoming post: no fields beyond the four listed,
      // each with the expected type. A missing field makes its `is` test
      // error, so in practice all four must be present.
      // NOTE(review): string fields have no length bound and imageUrl has no
      // format check, while posts are readable without authentication.
      function isValidPost() {
        return request.resource.data.keys().hasOnly(['content', 'date', 'imageUrl', 'title'])
          && request.resource.data.content is string
          && request.resource.data.date is timestamp
          && request.resource.data.imageUrl is string
          && request.resource.data.title is string;
      }

      // Public read: no authentication required.
      allow read;

      // `write` covers create, update and delete, but the schema check reads
      // request.resource.data, which does not exist on a delete; deletes are
      // therefore decided by the dedicated rule below.
      allow write: if isAdmin() && isValidPost();
      allow delete: if isAdmin();
    }

    match /residents/{resident} {
      // Schema check for a resident document written by an admin.
      // NOTE(review): isVisible is type-checked here but no rule in this file
      // consults it when deciding reads; confirm where it is enforced.
      function isValidResident() {
        return request.resource.data.keys().hasOnly(['accountID', 'birthDate', 'firstName', 'gender', 'isVisible', 'lastName'])
          && request.resource.data.accountID is string
          && request.resource.data.birthDate is timestamp
          && request.resource.data.firstName is string
          && request.resource.data.gender is string
          && request.resource.data.isVisible is bool
          && request.resource.data.lastName is string;
      }

      // Readable by any psy, or by the account the resident record points to.
      allow read: if isPsy()
        || (isSignedIn() && request.auth.uid == resource.data.accountID);

      // Only admins create or update residents. There is no delete rule, so
      // client-side deletes are denied.
      allow create, update: if isAdmin() && isValidResident();

      match /reports/{report} {
        // Schema check for a new report; health and mood are limited to 1..5.
        // NOTE(review): `comments` has no length bound.
        function isValidReport() {
          return request.resource.data.keys().hasOnly(['angry', 'comments', 'date', 'health', 'lonely', 'mood', 'rested', 'sad', 'wellFed'])
            && request.resource.data.angry is bool
            && request.resource.data.comments is string
            && request.resource.data.date is timestamp
            && request.resource.data.health is int
            && request.resource.data.health >= 1
            && request.resource.data.health <= 5
            && request.resource.data.lonely is bool
            && request.resource.data.mood is int
            && request.resource.data.mood >= 1
            && request.resource.data.mood <= 5
            && request.resource.data.rested is bool
            && request.resource.data.sad is bool
            && request.resource.data.wellFed is bool;
        }

        // Any psy may read reports.
        allow read: if isPsy();

        // The resident's own account may read them too; ownership is resolved
        // by looking up the parent resident document, which costs one extra
        // document read per evaluation.
        allow read: if isSignedIn()
          && get(/databases/$(database)/documents/residents/$(resident)).data.accountID == request.auth.uid;

        // Admins and psys may create reports. No update or delete rule exists,
        // so reports cannot be changed or removed from clients.
        allow create: if (isAdmin() || isPsy()) && isValidReport();
      }
    }

    match /stats/{statistic} {
      // Admins and psys may create, update or delete stats documents.
      // NOTE(review): unlike the other collections, no schema or type check is
      // applied to the written data, and only admins can read it back (via the
      // catch-all rule); confirm both are intended.
      allow write: if isAdmin() || isPsy();
    }
  }
}