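rules_version = '2';

// Firestore security rules for a chat application: rooms, messages and
// per-user documents. Everything in `request` is client-controlled, so every
// field that a later rule uses for authorization (adminUid, userId, roomId)
// has to be validated when it is written.
service cloud.firestore {
  match /databases/{database}/documents {

    // Explicit default-deny. Firestore already denies anything that no rule
    // allows, and allow statements from overlapping matches are OR'ed
    // together, so this block documents intent only: it does NOT override
    // the more specific rules below.
    match /{document=**} {
      allow read, write: if false;
    }

    match /rooms/{roomID} {
      // Any signed-in user may read any room.
      allow read: if isAuth();

      // The creator must register themselves as the room admin. Update and
      // delete below (and message delete) authorize on adminUid, so it must
      // not be possible to create a room with an arbitrary or missing value.
      allow create: if isAuth()
                    && request.resource.data.adminUid == request.auth.uid
                    && isComplete(request.resource.data.name)
                    && isComplete(request.resource.data.description);

      // Only the current admin may edit. request.resource.data is the
      // document as it would look after the write, so name and description
      // are re-validated even on a partial update.
      // NOTE(review): adminUid itself may still be changed here by the
      // current admin (ownership transfer). Pin it to resource.data.adminUid
      // if transfers are not intended.
      allow update: if isAuth()
                    && request.auth.uid == resource.data.adminUid
                    && isComplete(request.resource.data.name)
                    && isComplete(request.resource.data.description);

      allow delete: if isAuth()
                    && request.auth.uid == resource.data.adminUid;
    }

    // True when the request carries a Firebase Authentication token.
    function isAuth() {
      return request.auth != null;
    }

    // True when `prop` is a string of 11 to 159 characters (both bounds are
    // exclusive comparisons against 10 and 160).
    function isComplete(prop) {
      return prop is string && prop.size() > 10 && prop.size() < 160;
    }

    // Collection-group style match: with rules_version '2' the recursive
    // wildcard matches zero or more path segments, so this applies to every
    // collection named `messages`, wherever it is nested. The room a message
    // belongs to is taken from its `roomId` field, not from the path.
    match /{path=**}/messages/{messageID} {
      // NOTE(review): every signed-in user can read every message in every
      // room, whether or not the room is in their `connected` list. Confirm
      // that rooms are meant to be public to all authenticated users.
      allow read: if isAuth();

      // The author must stamp the message with their own uid (update below
      // authorizes on userId) and may only post into a room listed in their
      // own user document.
      // NOTE(review): `connected` is stored in /users/{uid}, which that same
      // user can write without restriction under the /users rule below, so
      // this membership check is self-asserted. If membership has to be
      // enforced, keep it in a document the client cannot write.
      allow create: if isAuth()
                    && request.resource.data.userId == request.auth.uid
                    && request.resource.data.roomId in get(/databases/$(database)/documents/users/$(request.auth.uid)).data.connected;

      // Only the author may edit, and the two fields that other rules use
      // for authorization must stay as they were. Without this an author
      // could move a message into another room or reassign its authorship.
      allow update: if isAuth()
                    && resource.data.userId == request.auth.uid
                    && request.resource.data.userId == resource.data.userId
                    && request.resource.data.roomId == resource.data.roomId;

      // Only the admin of the room named by the stored roomId may delete.
      // This costs one extra document read per evaluation.
      allow delete: if isAuth()
                    && get(/databases/$(database)/documents/rooms/$(resource.data.roomId)).data.adminUid == request.auth.uid;
    }

    // Each user has full control over their own document and no access to
    // anyone else's.
    // NOTE(review): `write` covers create, update and delete with no field
    // validation, and that includes the `connected` list consulted by the
    // message create rule above.
    match /users/{userID} {
      allow read, write: if isAuth() && request.auth.uid == userID;
    }
  }
}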