-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdatabase.rules.json
80 lines (79 loc) · 3.17 KB
/
database.rules.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
{
"rules": {
//".write" : true,
//".read":true,
"bets":{
".read":true,
"$match":{
"$userBet":{
//loggedIn user takes the bet && there is no bet already && in time && has enough coins && email verified
".write": "auth.uid === $userBet && !data.exists() && root.child('matches/'+$match+'/begin_at').val()>=now && root.child('users/'+$userBet+'/coins').val()>=newData.child('tip').val() && root.child('users/'+$userBet+'/verified').val() === true"
}
}
},
"comments":{
".read":true,
"$new":{
"$comment":{
//loggedin user comments in his/her name || admin || author
".write": "auth.uid === newData.child('userId').val() || root.child('users/'+auth.uid+'/roles/admin').val() == true || root.child('users/'+auth.uid+'/roles/author').val() == true"
}
}
},
"labels":{
".read":true,
//only authors can modify labels~categories
".write": "root.child('users/'+auth.uid+'/roles/author').val() == true"
},
"matches":{
".indexOn": ["status", "begin_at"],
".read":true,
//only the Administrator (not roles/admin) can modify the matches - it means only functions are able to modify it!
".write":false
},
"news":{
".read":true,
//only authors can modify news
".write": "root.child('users/'+auth.uid+'/roles/author').val() == true"
},
"newscontent":{
".read":true,
".write": "root.child('users/'+auth.uid+'/roles/author').val() == true"
},
"statistics":{
".read":true,
".write": true
},
"users":{
".read": "root.child('users/'+auth.uid+'/roles/admin').val() === true",
//".read":true,
"$userId":{
".read":true,
"email":{
".read": "auth.uid === $userId || root.child('users/'+auth.uid+'/roles/admin').val() == true",
".write" : "auth.uid === $userId || root.child('users/'+auth.uid+'/roles/admin').val() == true"
},
"displayName":{
".read":true,
".write": "auth.uid === $userId || root.child('users/'+auth.uid+'/roles/admin').val() == true"
},
"coins":{
".read":"auth.uid === $userId || root.child('users/'+auth.uid+'/roles/admin').val() == true",
".write": "auth.uid === $userId || root.child('users/'+auth.uid+'/roles/admin').val() == true"
},
"photoURL":{
".read": true,
".write": "auth.uid === $userId || root.child('users/'+auth.uid+'/roles/admin').val() == true"
},
"roles":{
".read": "auth.uid === $userId || root.child('users/'+auth.uid+'/roles/admin').val() == true",
".write": "auth.uid === $userId || root.child('users/'+auth.uid+'/roles/admin').val() == true"
},
"verified":{
".read": "auth.uid === $userId || root.child('users/'+auth.uid+'/roles/admin').val() == true",
".write": "auth.uid === $userId || root.child('users/'+auth.uid+'/roles/admin').val() == true"
}
}
}
}
}