42 lines
1.2 KiB
Plaintext
42 lines
1.2 KiB
Plaintext
Cloud Firestore Rule:
|
|
|
|
rules_version = '2';
|
|
|
|
service cloud.firestore {
|
|
match /databases/{database}/documents {
|
|
|
|
// This rule allows anyone with your Firestore database reference to view, edit,
|
|
// and delete all data in your Firestore database. It is useful for getting
|
|
// started, but it is configured to expire after 30 days because it
|
|
// leaves your app open to attackers. At that time, all client
|
|
// requests to your Firestore database will be denied.
|
|
//
|
|
// Make sure to write security rules for your app before that time, or else
|
|
// all client requests to your Firestore database will be denied until you Update
|
|
// your rules
|
|
//match /{document=**} {
|
|
//allow read, write: if request.time < timestamp.date(2023, 9, 28);
|
|
// }
|
|
match /books/{document=**} {
|
|
allow read: if true;
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
|
|
Storage Rules:
|
|
|
|
rules_version = '2';
|
|
|
|
// Craft rules based on data in your Firestore database
|
|
// allow write: if firestore.get(
|
|
// /databases/(default)/documents/users/$(request.auth.uid)).data.isAdmin;
|
|
service firebase.storage {
|
|
match /b/{bucket}/o {
|
|
match /{allPaths=**} {
|
|
allow read, write: if true;
|
|
}
|
|
}
|
|
}
|