-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathdatabase.rules.json
31 lines (31 loc) · 1.01 KB
/
database.rules.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
{
"rules": {
"decks": {
// only logged-in users can see decks
".read": "auth != null"
},
"games": {
".indexOn": "host",
// banned users can't see any game
".read": "!root.child('banned/'+auth.uid).exists()",
// only admins can create and modify any game
".write": "root.child('admins/'+auth.uid).exists()",
"$game_key": {
// guests can create new games, but only the host can modify
".write": "root.child('guests/'+auth.uid).exists() && (newData.child('host').val() === auth.uid || data.child('host').val() === auth.uid)"
}
},
"users": {
// only logged-in unbanned users can see users
".read": "auth != null && !root.child('banned/'+auth.uid).exists()",
// only admins can modify any user
".write": "root.child('admins/'+auth.uid).exists()",
"$uid": {
"games": {
// only logged-in users can modify their own games
".write": "auth != null && auth.uid == $uid"
}
}
}
}
}