-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathfirebase_rules2.txt
78 lines (74 loc) · 2.32 KB
/
firebase_rules2.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
{
"rules": {
"rooms":{
"public": {
// any logged-in user can create/list public rooms.
".write": "auth != null",
".read": "auth != null",
"$room_id": {}
},
"private": {
// any logged-in user can create new private rooms.
".write": "auth != null",
"$room_id": {
// only invited users can read private room info
".read": "root.child('invitations/'+auth.uid).exists()"
}
}
},
"members":{
// no one may read ALL rooms' members.
"$room_id": {
// a room member can list the members of the room.
".read": "data.child(auth.uid).exists()",
"$user_id": {
// only a user can add him/herself as a member of a room.
".write": "auth.uid === $user_id"
}
}
},
"invitations": {
// no one may read ALL users' invitations.
"$user_id": {
// only the user may read his/her own room invitations.
".read": "auth.uid === $user_id",
"$room_id": {
// any logged-in user can invite a user to a room.
".write": "auth != null"
}
}
},
"messages": {
// no one may list ALL messages.
"$room_id": {
// only members (invited or joined) of rooms may read and write to the messages for a room.
".read": "root.child('invitations/'+auth.uid).exists()
|| root.child('members/'+$room_id+'/'+auth.uid).exists()",
".write": "root.child('invitations/'+auth.uid).exists()
|| root.child('members/'+$room_id+'/'+auth.uid).exists()"
}
},
"users": {
// any logged-in user may list all other public users (necessary to invite other users to private rooms and to display message author details).
".read":"auth != null",
"$user_id": {
// only the user may write his/her own info.
".write": "$user_id === auth.uid",
"email": {},
"displayName": {},
"photoURL": {}
}
},
"settings": {
// no one can list ALL users' settings.
"$user_id":{
// users may only read/write their own settings.
".read":"$user_id === auth.uid",
".write":"$user_id === auth.uid",
"favorites": {},
"my_private_rooms": {},
"my_public_rooms": {}
}
}
}
}