From 3580c3ba1c89c98343616752f579a079c078fe04 Mon Sep 17 00:00:00 2001 From: Leonhard Driesch Date: Mon, 8 Feb 2021 09:08:59 +0100 Subject: [PATCH] :lock: Update firebase security rules --- firebase/firestore.rules | 60 ++++++++++++++++++++-------------------- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/firebase/firestore.rules b/firebase/firestore.rules index bc96f5b..87efc96 100644 --- a/firebase/firestore.rules +++ b/firebase/firestore.rules @@ -1,36 +1,36 @@ rules_version = '2'; service cloud.firestore { - match /databases/{database}/documents { - match /{document=**} { - allow read, write: if false; - } - - function isUserPermitted() { - let authDoc = get(/databases/$(database)/documents/auth/authorizedUsers); - - return authDoc.data.emails.hasAll([request.auth.token.email]); - } + match /databases/{database}/documents { + match /{document=**} { + allow read, write: if false; + } - match /forms/{formId} { - allow read: if isUserPermitted(); - - allow write: if isUserPermitted(); - } - - match /submissions/{submissionId} { - allow read: if isUserPermitted(); - - allow write: if isUserPermitted(); - } - - function isRequestUser(userId) { - return userId == request.auth.uid; - } - - match /users/{userId} { - allow read: if isRequestUser(userId); + function isUserPermitted() { + let authDoc = get(/databases/$(database)/documents/auth/authorizedUsers); + + return authDoc.data.emails.hasAll([request.auth.token.email]); + } + + match /forms/{formId} { + allow read: if isUserPermitted(); - allow write: if isRequestUser(userId); - } + allow write: if isUserPermitted(); + } + + match /submissions/{submissionId} { + allow read: if isUserPermitted(); + + allow write: if isUserPermitted(); + } + + function isRequestUser(userId) { + return userId == request.auth.uid; + } + + match /users/{userId} { + allow read: if isRequestUser(userId); + + allow write: if isRequestUser(userId); } + } } \ No newline at end of file