50 lines
1.3 KiB
Plaintext
50 lines
1.3 KiB
Plaintext
rules_version = '2';
|
|
service cloud.firestore {
|
|
match /databases/{database}/documents {
|
|
match /users/{user} {
|
|
|
|
function isUser(rsc) {
|
|
return rsc.id == request.auth.uid
|
|
}
|
|
|
|
function isAdmin() {
|
|
return get(/databases/$(database)/documents/users/$(request.auth.uid)).data.role == 'admin'
|
|
}
|
|
|
|
allow create: if request.resource.id == request.auth.uid;
|
|
allow list: if isUser(resource) || isAdmin();
|
|
allow write: if isUser(resource) || isAdmin();
|
|
allow read: if request.auth.uid != null;
|
|
}
|
|
|
|
match /guest/{guestId} {
|
|
allow read: if true;
|
|
allow write: if request.auth.uid != null;
|
|
}
|
|
match /songs/{song} {
|
|
allow read: if request.auth.uid != null;
|
|
allow write: if request.auth.uid != null;
|
|
}
|
|
match /songs/{song}/files/{file} {
|
|
allow read: if request.auth.uid != null;
|
|
allow write: if request.auth.uid != null;
|
|
}
|
|
match /shows/{show} {
|
|
allow read: if request.auth.uid != null;
|
|
allow write: if request.auth.uid != null;
|
|
}
|
|
match /shows/{show}/songs/{song} {
|
|
allow read: if request.auth.uid != null;
|
|
allow write: if request.auth.uid != null;
|
|
}
|
|
|
|
match /global/{global} {
|
|
allow read: if request.auth.uid != null;
|
|
allow write: if request.auth.uid != null;
|
|
}
|
|
|
|
}
|
|
}
|
|
|
|
|