first commit
This commit is contained in:
30
firestore.rules
Normal file
30
firestore.rules
Normal file
@@ -0,0 +1,30 @@
|
||||
rules_version = '2';
|
||||
|
||||
service cloud.firestore {
|
||||
match /databases/{database}/documents {
|
||||
|
||||
// Check if user has role 5 or higher
|
||||
function isElevatedRole() {
|
||||
return request.auth.token.role >= 5;
|
||||
}
|
||||
|
||||
// Match individual user documents by UID
|
||||
match /users/{docId} {
|
||||
// Either the authenticated user's UID matches the document UID OR they have an elevated role
|
||||
allow read, write: if request.auth.uid == docId || isElevatedRole();
|
||||
}
|
||||
|
||||
// Match individual progress documents by UID
|
||||
match /progresses/{userId} {
|
||||
// Either the authenticated user's UID matches the document UID OR they have an elevated role
|
||||
allow read, write: if request.auth.uid == userId || isElevatedRole();
|
||||
}
|
||||
|
||||
|
||||
// Allow reading of all other documents
|
||||
match /{document=**} {
|
||||
allow read;
|
||||
allow write: if request.auth.uid != null || isElevatedRole();
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user