Last active
October 4, 2017 04:05
-
-
Save SUPERCILEX/2d7fdb224e5452ead7484e32881673ac to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| service cloud.firestore { | |
| match /databases/{database}/documents { | |
| // Incorrect solution | |
| match /teams/{teamId} { | |
| allow read: ...; | |
| allow write: if request.resource.data.owners[request.auth.uid] is int // Returns false on delete! | |
| && isValidTeam(); | |
| } | |
| // Correct solution | |
| match /teams/{teamId} { | |
| allow read: ...; | |
| allow create: if request.resource.data.owners[request.auth.uid] is int && isValidTeam(); // Allow new teams using the "request" object | |
| allow update: if isExistingOwner() && isValidTeam(); // Only the user who created the team can update it | |
| allow delete: if isExistingOwner(); // Pre-write owners can delete a team | |
| } | |
| } | |
| } | |
| function isExistingOwner() { | |
| return resource.data.owners[request.auth.uid] is int; | |
| } | |
| function isValidTeam() { | |
| return ...; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment