-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathfirestore.rules
More file actions
36 lines (33 loc) · 1.04 KB
/
firestore.rules
File metadata and controls
36 lines (33 loc) · 1.04 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
rules_version = '2';
service cloud.firestore {
match /databases/{db}/documents {
function authedUid() {
return request.auth != null ? request.auth.uid : null;
}
function hasDeviceAccess(device) {
return authedUid() != null &&
device != null &&
device.data != null &&
(
device.data.ownerUserId == authedUid() ||
(
device.data.ownerUserIds != null &&
device.data.ownerUserIds.hasAny([authedUid()])
)
);
}
function canReadDevice(deviceId) {
return hasDeviceAccess(get(/databases/$(db)/documents/devices/$(deviceId)));
}
match /devices/{deviceId} {
allow read: if hasDeviceAccess(resource);
allow write: if false;
match /measures/{bucket} {
allow read: if canReadDevice(deviceId);
allow write: if false;
match /rows/{doc} { allow read: if canReadDevice(deviceId); allow write: if false; }
}
match /batches/{batchId} { allow read: if false; allow write: if false; }
}
}
}