-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathfirestore.rules
More file actions
38 lines (33 loc) · 1.44 KB
/
firestore.rules
File metadata and controls
38 lines (33 loc) · 1.44 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
// Users collection - users can read/write their own document
match /users/{userId} {
allow read, write: if request.auth != null && request.auth.uid == userId;
}
// Signals collection - public read, authenticated write
match /signals/{signalId} {
allow read: if true; // Public read - signals are public data
allow create: if request.auth != null;
allow update: if request.auth != null;
// Comments subcollection
match /comments/{commentId} {
allow read: if true; // Public read
allow create: if request.auth != null;
}
}
// Allow collection group queries for comments
match /{path=**}/comments/{commentId} {
allow read: if request.auth != null;
}
// Feedback collection - anyone can submit, only admins can read
match /feedback/{feedbackId} {
allow create: if request.resource.data.message is string
&& request.resource.data.message.size() > 0
&& request.resource.data.message.size() <= 1000
&& request.resource.data.type in ['general', 'bug', 'feature', 'other']
&& (!('email' in request.resource.data) || request.resource.data.email == null || request.resource.data.email is string);
allow read, update, delete: if false; // Only accessible via Admin SDK/Console
}
}
}