Skip to content

Commit

Permalink
firestore rules for sessions (#50)
Browse files Browse the repository at this point in the history 
---------

Co-authored-by: Marcell Guilherme Costa da Silva <[email protected]>
  • Loading branch information
@rcmuniz1994 @Mazuh
rcmuniz1994 and Mazuh authored Oct 30, 2023
1 parent 743d6d7 commit 5b43dbf
Showing 1 changed file with 14 additions and 10 deletions.
24 changes: 14 additions & 10 deletions firestore.rules
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,19 @@
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /calls/{callId}/users/{document=**} {
allow create: if
request.auth.uid != null && request.auth.uid == request.resource.data.userUid;
match /session/{document=**} {
allow read, write: if
request.auth.uid != null;
}
match /calls/{callId}/users/{document=**} {
allow create: if
request.auth.uid != null && request.auth.uid == request.resource.data.userUid;
allow read, list: if
request.auth.uid != null;
allow update: if
request.auth.uid != null && get(/databases/$(database)/documents/calls/$(callId)).data.hostId == request.auth.uid;
request.auth.uid != null && get(/databases/$(database)/documents/calls/$(callId)).data.hostId == request.auth.uid;
allow delete: if
request.auth.uid != null && (get(/databases/$(database)/documents/calls/$(callId)).data.hostId == request.auth.uid || request.auth.uid == resource.data.userUid);
request.auth.uid != null && (get(/databases/$(database)/documents/calls/$(callId)).data.hostId == request.auth.uid || request.auth.uid == resource.data.userUid);
}
match /calls/{callId}/p2p-descriptions/{descriptionId} {
allow create, update, delete: if
Expand All @@ -18,12 +22,12 @@ service cloud.firestore {
request.auth.uid != null
}
match /calls/{document} {
allow read: if
request.auth.uid != null;
allow read: if
request.auth.uid != null;
allow create: if
request.auth.uid != null && request.auth.uid == request.resource.data.hostId;
allow update, delete: if
request.auth.uid != null && request.auth.uid == resource.data.hostId;
allow update, delete: if
request.auth.uid != null && request.auth.uid == resource.data.hostId;
}
}
}
}

0 comments on commit 5b43dbf

Please sign in to comment.