Amba-Agent-App/firestore.rules
2026-01-16 00:22:35 +03:00


rules_version = '2';
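service cloud.firestore {
  match /databases/{database}/documents {

    // ---- Helper predicates ----------------------------------------------

    // True when the request carries a Firebase Auth token.
    function isAuthenticated() {
      return request.auth != null;
    }

    // True when the caller's ID token carries the custom claim `admin == true`.
    function isAdmin() {
      return isAuthenticated() && request.auth.token.admin == true;
    }

    // True when the caller signed in through the given provider id.
    // No rule below calls this helper any more (see the wildcard rule);
    // it is kept so the helper set of the file is unchanged.
    function isSignedInWithProvider(provider) {
      return isAuthenticated() && request.auth.token.firebase.sign_in_provider == provider;
    }

    // True when resourceData[field] equals the caller's uid, or the caller
    // is an admin.
    function isOwner(resourceData, field) {
      return isAuthenticated() &&
        ((resourceData[field] != null && resourceData[field] == request.auth.uid) || isAdmin());
    }

    // True when the caller's uid appears in any of `uid`, `requestorUid` or
    // `requesteeUid` of the request document, or the caller is an admin.
    function isOwnerOfRequest(resourceData) {
      return isAuthenticated() && (
        (resourceData.uid != null && resourceData.uid == request.auth.uid) ||
        (resourceData.requestorUid != null && resourceData.requestorUid == request.auth.uid) ||
        (resourceData.requesteeUid != null && resourceData.requesteeUid == request.auth.uid) ||
        isAdmin()
      );
    }

    // ---- Admin-wide access ----------------------------------------------
    // Overlapping match blocks are OR-ed: a request is granted as soon as ANY
    // matching `allow` evaluates to true, whatever its position in the file.
    // This wildcard used to admit every session whose sign_in_provider is
    // 'custom' as well, which gave those sessions read/write on every
    // document (including /admin/** and other users' wallets, transactions
    // and requests) and made every owner check below irrelevant for them.
    // It is now limited to admins; custom-token users still get owner-scoped
    // access through the per-collection rules.
    // NOTE(review): if some trusted client really needs broad access, gate it
    // on a dedicated custom claim minted by the backend, not on the sign-in
    // provider. Confirm no client depended on the old grant before deploying.
    match /{document=**} {
      allow read, write: if isAdmin();
    }

    // ---- Per-collection, owner-scoped access ----------------------------
    // NOTE(review): every `update` below is checked against the STORED
    // document only (`resource.data`). An owner can therefore rewrite the
    // ownership field itself, or any other field, in an update. Consider
    // also requiring request.resource.data[field] == resource.data[field]
    // and validating which fields a client may change (wallets,
    // transactions and donations in particular).

    // A user document is keyed by the owner's uid.
    match /users/{userId} {
      allow create: if isAuthenticated() && (userId == request.auth.uid || isAdmin());
      allow read, update, delete: if isOwner(resource.data, 'uid') || (request.auth.uid == userId) || isAdmin();
    }

    match /wallets/{walletId} {
      allow create: if isOwner(request.resource.data, 'uid');
      allow read, update, delete: if isOwner(resource.data, 'uid');
    }

    match /transactions/{transactionId} {
      allow create: if isOwner(request.resource.data, 'uid');
      allow read, update, delete: if isOwner(resource.data, 'uid');
    }

    match /recipients/{recipientId} {
      allow create: if isOwner(request.resource.data, 'uid');
      allow read, update, delete: if isOwner(resource.data, 'uid');
    }

    match /campaigns/{campaignId} {
      allow create: if isOwner(request.resource.data, 'creatorId');
      allow read, update, delete: if isOwner(resource.data, 'creatorId');
    }

    match /donations/{donationId} {
      allow create: if isOwner(request.resource.data, 'donorId');
      allow read, update, delete: if isOwner(resource.data, 'donorId');
    }

    match /notifications/{notificationId} {
      allow create: if isOwner(request.resource.data, 'userId');
      allow read, update, delete: if isOwner(resource.data, 'userId');
    }

    // NOTE(review): create passes when the caller appears in ANY of the three
    // uid fields, so a caller listed only as requestee can create a request
    // that names another user as requestor. Confirm this is intended.
    match /requests/{requestId} {
      allow create: if isOwnerOfRequest(request.resource.data);
      allow read, update, delete: if isOwnerOfRequest(resource.data);
    }

    match /admin/{document=**} {
      allow read, write: if isAdmin();
    }

    // Documentary only: Firestore denies anything no rule allows, and an
    // `if false` rule cannot revoke access granted by another matching rule.
    match /{document=**} {
      allow read, write: if false;
    }
  }
}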