This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rules_version = '2'; | |
service firebase.storage { | |
match /b/{bucket}/o { | |
match /assets/{allPaths=**} { | |
allow read, write: if false; | |
} | |
match /restraurants/{restaurant}/{allPaths=**} { | |
allow read, write: if request.auth.token[restaurant] in ['Manager', 'Waiter'] | |
} | |
match /default/{allPaths=**} { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rules_version = '2'; | |
service cloud.firestore { | |
match /databases/{database}/documents { | |
match /{document=**} { | |
allow read, write: if false; | |
} | |
match /restaurants/{restaurant} { | |
allow get, list, create: if true; | |
// before: allow update, delete: if hasAccessToRestaurant('Manager', restaurant); | |
allow update, delete: if request.auth.token[restaurant] in ['Manager'] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
exports.updateRestaurantAccessClaim = functions.firestore | |
.document("restaurants/{restaurant}/admin/users") | |
.onWrite(async (change, context) => { | |
const { before, after } = change; | |
if (!after.exists) { | |
// delete | |
// nothing to do | |
return; | |
} | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
exports.updateRestaurantAccessClaim = functions.firestore | |
.document("restaurants/{restaurant}/admin/users") | |
.onWrite(async (change, context) => { | |
const { before, after } = change; | |
if (!after.exists) { | |
// delete | |
// nothing to do | |
return; | |
} | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
exports.updateRestaurantAccessClaim = functions.firestore | |
.document("restaurants/{restaurant}/admin/users") | |
.onWrite(async (change, context) => { | |
const { before, after } = change; | |
if (!after.exists) { | |
// delete | |
// nothing to do | |
return; | |
} | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const functions = require('firebase-functions'); | |
const admin = require("firebase-admin"); | |
export.updateRestaurantAccessClaim = functions.firestore | |
.document("/restaurants/{restaurant}/admin/users") | |
.onWrite(async (change, context) => { | |
// that's where the magic happens | |
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
...someuserobject, | |
'<restaurantId>': '<role>' | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
match /restaurants/{restaurant} { | |
allow read, write: if request.auth.token.admin == true; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rules_version = '2'; | |
service cloud.firestore { | |
match /databases/{database}/documents { | |
match /{document=**} { | |
allow read, write: if false; | |
} | |
match /restaurants/{restaurant} { | |
allow get, list, create: if true; | |
allow update, delete: if hasAccessToRestaurant('Manager', restaurant); | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// is signed in | |
function isSignedIn() { | |
return request.auth != null; | |
} | |
// get roles from restaurant admin section | |
function getRoles(restaurant) { | |
return get(/databases/$(database)/documents/restaurants/$(restaurant)/admin/users).data; | |
} | |
// check if access to restaurant is granted | |
function hasAccessToRestaurant(role, restaurant) { |
NewerOlder