Last active
July 7, 2020 16:58
-
-
Save shadow1349/f43309814ab57c31f43a5a7508bedae9 to your computer and use it in GitHub Desktop.
Firestore Rules
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rules_version = '2'; | |
| service cloud.firestore { | |
| match /databases/{database}/documents { | |
| match /Users/{UserId} { | |
| // Allow anyone to create an account | |
| allow create: if true; | |
| // UserId comes from {UserId} above | |
| // the UserId will be auto-filled with the UserId | |
| // of the user trying to access this record | |
| allow read, update, delete: if isOwner(UserId); | |
| } | |
| match /Posts/{PostId} { | |
| allow create: if isLoggedIn(); | |
| allow read: true; | |
| // resource.data will give you access to the document data | |
| // so if your document has a field called OwnerId you can access | |
| // that and check it against the current user | |
| allow update, delete: if isOwner(resource.data.OwnerId); | |
| } | |
| match /Comments/{CommentId} { | |
| allow read, create: if isLoggedIn(); | |
| allow update, delete: if isOwner(resource.data.OwnerId); | |
| } | |
| // You can create custom functions so that you can re-use logic | |
| // for rules. | |
| function isLoggedIn() { | |
| return request.auth.uid != null; | |
| } | |
| function isOwner(uid) { | |
| return request.auth.uid == uid; | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment