
Commit a58c807

authored
Merge pull request #5 from horaciocome1/cleaned-rules
got rid of fancy functions
2 parents 6b0c05c + d5146cf commit a58c807


1 file changed

+28
-35
lines changed


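--- a/firestore.rules
+++ b/firestore.rules
@@ -1,18 +1,3 @@
-function isSigned() {
-// verifies if the request is from a signed user
-return request.auth != null
-}
-
-function isAuthor(post) {
-// verifies if the user is the author of the post
-return post.user.id == request.auth.uid
-}
-
-function isFromTopic(post, topicId) {
-// verifies if the post is from the passed topic id
-return post.topic.id == topicId
-}
-
 service cloud.firestore {
 
 match /databases/{database}/documents {
@@ -23,30 +8,30 @@ service cloud.firestore {
 
 // every signed user can read a topic
 // every signed user need to increment topic's post field when creating a post
-allow read, update: if isSigned()
+allow read, update: if request.auth != null;
 
 match /posts/{postId} {
 
 // every signed user can read a list of posts from an topic
-allow read: if isSigned()
+allow read: if request.auth != null;
 
 // to create an post document inside an topic:
 // - the user must be signed
 // - the user must be the author of that post
 // - the post's topic must pair with the parent topic
-allow create: if (isSigned() && isAuthor(request.resource.data) && isFromTopic(request.resource.data, topicId))
+allow create: if request.auth != null && request.resource.data.user.id == request.auth.uid && request.resource.data.topic.id == topicId;
 
 }
 
 match /users/{userId} {
 
 // every signed user can read a list of users that write to an topic
-allow read: if isSigned()
+allow read: if request.auth != null;
 
 // to create an user document inside an topic:
 // - the user must be signed
 // - the user can only create for himself
-allow create: if (isSigned() && userId == request.auth.uid)
+allow create: if request.auth != null && userId == request.auth.uid;
 
 }
 
@@ -61,15 +46,15 @@ service cloud.firestore {
 // to create an post document:
 // - the user must be signed
 // - the user must be the author of that post
-allow create: if (isSigned() && isAuthor(request.resource.data))
+allow create: if request.auth != null && request.resource.data.user.id == request.auth.uid;
 
 // any signed user can read an post
 // any signed user can update an post to increment bookmarks, shares, or readings
-allow read, update: if isSigned()
+allow read, update: if request.auth != null;
 
 match /ratings/{userId} {
 // to create, delete or read a rating the user must signed and be the author of that rating
-allow create, update, read: if (isSigned() && userId == request.auth.uid)
+allow create, update, read: if request.auth != null && userId == request.auth.uid;
 }
 
 }
@@ -82,57 +67,57 @@ service cloud.firestore {
 
 // any signed user can read an user document
 // any signed user can update an user document to increment or decrement subscriptions or subscribers
-allow read, update: if isSigned()
+allow read, update: if request.auth != null;
 
 match /feed/{postId} {
 // to read an post document on a feed:
 // - the user must be signed
 // - the user must be reading its own feed
-allow read: if (isSigned() && userId == request.auth.uid)
+allow read: if request.auth != null && userId == request.auth.uid;
 }
 
 match /posts/{postId} {
 
 // any signed user can read an post document of some author
-allow read: if isSigned()
+allow read: if request.auth != null;
 
 // to create an post document inside user's posts subcollection:
 // - the user must be signed
 // - the user must be the author
-allow create: if (isSigned() && isAuthor(request.resource.data))
+allow create: if request.auth != null && request.resource.data.user.id == request.auth.uid;
 
 }
 
 match /readings/{postId} {
 // to create an post document inside user's readings subcollection:
 // - the user must be signed
 // - the user can only create for himself
-allow create: if (isSigned() && userId == request.auth.uid)
+allow create: if request.auth != null && userId == request.auth.uid;
 }
 
 match /shares/{postId} {
 // to create an post document inside user's shares subcollection:
 // - the user must be signed
 // - the user can only create for himself
-allow create: if (isSigned() && userId == request.auth.uid)
+allow create: if request.auth != null && userId == request.auth.uid;
 }
 
 match /bookmarks/{postId} {
 // to create, delete or read an post document inside user's bookmarks subcollection:
 // - the user must be signed
 // - the user can only create, delete or read his own bookmarks
-allow create, delete, read: if (isSigned() && userId == request.auth.uid)
+allow create, delete, read: if request.auth != null && userId == request.auth.uid;
 }
 
 match /subscriptions/{subscriptionId} {
 
 // to create or delete an subscription document:
 // - the user must be signed
 // - the user can only create or delete for himself
-allow create, delete: if (isSigned() && userId == request.auth.uid)
+allow create, delete: if request.auth != null && userId == request.auth.uid;
 
 // any signed user can read an user subscriptions
-allow read: if isSigned()
+allow read: if request.auth != null;
 
 }
 
@@ -141,16 +126,24 @@ service cloud.firestore {
 // to create or delete an subscriber document:
 // - the user must be signed
 // - the user can only create or delete if he is the subscriber
-allow write: if (isSigned() && subscriberId == request.auth.uid)
+allow write: if request.auth != null && subscriberId == request.auth.uid;
 
 // any signed user can read an user subscribers
-allow read: if isSigned()
+allow read: if request.auth != null;
 
 }
 
 }
 
-// ------------- 03. END OF USERS RULES
+// ------------- 03. END OF USERS RULES
+
+// ------------- 04. START OF CONFIGURATIONS RULES
+
+match /configurations/default {
+allow read: if request.auth != null
+}
+
+// ------------- 04. START OF CONFIGURATIONS RULES
 
 }
 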
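Review bot: The three `allow read, update: if request.auth != null;` rules (on the topic, post and user documents) let any signed-in user rewrite any field of any such document, although the comments above them say update is only meant for incrementing counters. The user-document rule is the most exposed of the three, because it covers every other user's whole document. Consider splitting read from update and constraining the changed keys, e.g. `allow update: if request.auth != null && request.resource.data.diff(resource.data).affectedKeys().hasOnly([<COUNTER_FIELDS>]);`, where the field list is a placeholder because the field names are not shown on this page. The enclosing `match` statements for these rules start outside the hunks, so the exact document paths should be confirmed against the full file. Separately, the added `/configurations/default` rule has no trailing `;` unlike every other rule in the new code, and its closing marker comment says START where END seems intended.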
