-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfirebase.rules.json
68 lines (67 loc) · 2.61 KB
/
firebase.rules.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
{
"rules": {
"$environment": {
".read": "root.child($environment).child('users:permissions').child(auth.uid).child('admin').val() === true", // is ADMIN
".write": "root.child($environment).child('users:permissions').child(auth.uid).child('admin').val() === true", // is ADMIN
"versions": {
".read": true
},
"faqs": {
".read": true
},
"featureFlags": {
".read": true
},
"competitions": {
".read": true,
"$competitionId": {
".write": "root.child($environment).child('users:permissions').child(auth.uid).child('competitions').child($competitionId).val() === true" // has PERMISSION
},
".indexOn": ["date"]
},
"competitions:data": {
"$competitionId": {
"staff": {
".read": true
},
"invites": {
"$inviteId": {
".read": "auth !== null", // is AUTHED
".write": "auth !== null" // is AUTHED
}
},
".read": "root.child($environment).child('competitions').child($competitionId).child('published').val() === true || root.child($environment).child('users:permissions').child(auth.uid).child('competitions').child($competitionId).val() === true", // is PUBLISHED || has PERMISSION
".write": "root.child($environment).child('users:permissions').child(auth.uid).child('competitions').child($competitionId).val() === true" // has PERMISSION
}
},
"competitions:submissions": {
"$competitionId": {
".write": "auth !== null && !data.exists() && !newData.child('approved').exists()" // is AUTHED and CREATING and NOT approving
}
},
"competitions:permissions": {
"$competitionId": {
".read": "root.child($environment).child('users:permissions').child(auth.uid).child('competitions').child($competitionId).val() === true" // has PERMISSION to same COMPETITION
}
},
"users": {
"$userId": {
".read": "auth !== null && auth.uid === $userId", // is SELF
".write": "auth !== null && auth.uid === $userId" // is SELF
}
},
"users:favorites": {
"$userId": {
".read": "auth !== null && auth.uid === $userId", // is SELF
".write": "auth !== null && auth.uid === $userId" // is SELF
}
},
"users:permissions": {
"$userId": {
".read": "auth !== null && auth.uid === $userId", // is SELF
".write": "auth !== null && auth.uid === $userId && !newData.exists()" // is REMOVING OWN permissions
}
}
}
}
}