firestore.rules
rules_version = '2';

// Access model for this database, driven by a `role` claim on the caller's
// ID token (`request.auth.token.role`):
//   - 'admin'  : read and write on every document (recursive rule below)
//   - 'member' : read on /members_only documents and on all /events documents
//   - any other signed-in user : read on /events documents whose
//     `member_only` field is not true
// `role` is not a standard token claim, so it is presumably a custom claim
// assigned by trusted server-side code; confirm that no client-writable path
// can influence it, since every decision below depends on it.
service cloud.firestore {
  match /databases/{database}/documents {

    // True when the request carries an authenticated user.
    function isSignedIn() {
      return request.auth != null;
    }

    // True when the caller is signed in and the token's `role` claim equals
    // `expected`. The null check comes first so an unauthenticated request
    // never reaches the claim lookup.
    function hasRole(expected) {
      return isSignedIn() && request.auth.token.role == expected;
    }

    // Recursive wildcard: admins may read and write any document. Overlapping
    // match blocks are OR'ed together, so this grant also applies to the
    // collections below and is the only write path defined in this file.
    match /{document=**} {
      allow read, write: if hasRole('admin');
    }

    // Documents directly inside members_only. The single-segment wildcard does
    // not extend to subcollections; those are reachable only through the admin
    // rule above.
    match /members_only/{document} {
      // Admins: read and write (already granted by the recursive rule, kept
      // here so the block reads on its own).
      allow read, write: if hasRole('admin');
      // Members: read only.
      allow read: if hasRole('member');
    }

    // Events: every signed-in user may read events that are not flagged
    // member_only; events flagged member_only == true need the 'member' role.
    // NOTE(review): `resource.data.member_only` is read directly. For an event
    // document that lacks the field this lookup probably raises an evaluation
    // error rather than yielding "not true", so non-members would be denied.
    // That fails closed, but differs from the description above; confirm in
    // the emulator.
    // NOTE(review): `read` covers list queries as well as single gets, and
    // rules do not filter results, so a non-member query most likely has to
    // constrain on member_only itself to be accepted; verify against the
    // client code.
    match /events/{event} {
      allow read: if isSignedIn() &&
        (resource.data.member_only != true || hasRole('member'));
    }
  }
}