storager/firestore.rules at main · Reterics/storager

62 lines (59 loc) · 1.78 KB

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    function isSignedIn() {
      return request.auth != null;
    // Users can only read/write their own user document
    match /users/{userId} {
      allow read: if isSignedIn() && userId == request.auth.uid;
      allow create, update, delete: if isSignedIn() && userId == request.auth.uid;
    // Generic rule for app collections: require authentication
    // Collections discovered from the codebase (src/database/firebase/config.ts)
    match /shops/{document=**} {
      allow read, write: if isSignedIn();
    match /items/{document=**} {
      allow read, write: if isSignedIn();
    match /parts/{document=**} {
      allow read, write: if isSignedIn();
    match /services/{document=**} {
      allow read, write: if isSignedIn();
    match /completions/{document=**} {
      allow read, write: if isSignedIn();
    match /settings/{document=**} {
      allow read, write: if isSignedIn();
    match /archive/{document=**} {
      allow read, write: if isSignedIn();
    match /types/{document=**} {
      allow read, write: if isSignedIn();
    match /invoices/{document=**} {
      allow read, write: if isSignedIn();
    match /logs/{document=**} {
      // App writes logs client-side; restrict to authenticated users
      allow read, write: if isSignedIn();
    match /transactions/{document=**} {
      allow read, write: if isSignedIn();
    match /leases/{document=**} {
      allow read, write: if isSignedIn();
    match /leaseCompletions/{document=**} {
      allow read, write: if isSignedIn();
    // Fallback: deny everything else by default
    match /{document=**} {
      allow read, write: if false;

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

FilesExpand file tree

firestore.rules

Latest commit

History

firestore.rules

File metadata and controls