-
Notifications
You must be signed in to change notification settings - Fork 63
/
database-private.rules.json
138 lines (138 loc) · 4.73 KB
/
database-private.rules.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
{
"rules": {
"admins": {
"$uid": {}
},
"checks": {
"admin": {
".read": "root.child('admins').hasChild(auth.uid)"
},
"emailVerified": {
".read": "auth.token.email_verified == true"
},
"emailNotVerified": {
".read": "auth.token.email_verified == false"
},
},
"store": {
".write": "root.child('admins').hasChild(auth.uid)",
// Grant read access (provider, uid, token.email, etc.) with enumeration, regex, etc.
".read": "auth.token.email.endsWith('@domain.com') && auth.token.email_verified == true",
"applications": {
"$application_id": {
// PUSH/UPDATE if has fields ['description', 'name', 'packageName']
".validate": "newData.hasChildren(['description', 'name', 'packageName'])",
"description": {
".validate": "newData.isString()"
},
"image": {
".validate": "newData.isString()"
},
"name": {
".validate": "newData.isString() && newData.val().length > 0"
},
"packageName": {
// PackageName regex
".validate": "newData.isString() && newData.val().matches(/^([A-Za-z]{1}[A-Za-z\\d_]*\\.)*[A-Za-z][A-Za-z\\d_]*$/)"
},
"link_1": {
".validate": "newData.hasChildren(['name', 'uri']) && newData.child('name').isString() && newData.child('uri').isString()"
},
"link_2": {
".validate": "newData.hasChildren(['name', 'uri']) && newData.child('name').isString() && newData.child('uri').isString()"
},
"link_3": {
".validate": "newData.hasChildren(['name', 'uri']) && newData.child('name').isString() && newData.child('uri').isString()"
},
"link_4": {
".validate": "newData.hasChildren(['name', 'uri']) && newData.child('name').isString() && newData.child('uri').isString()"
},
"link_5": {
".validate": "newData.hasChildren(['name', 'uri']) && newData.child('name').isString() && newData.child('uri').isString()"
},
"silent": {
".validate": "newData.val() == null || newData.isBoolean()"
},
"$other": {
".validate": false
}
}
},
"versions": {
"$application_id": {
"$version_id": {
// PUSH/UPDATE if application_id exists and has fields ['description', 'name', 'timestamp']
".validate": "root.child('store').child('applications').child($application_id).exists() && newData.hasChildren(['description', 'name', 'timestamp'])",
"apkRef": {
".validate": "newData.isString()"
},
"apkSize": {
".validate": "newData.isNumber()"
},
"apkGeneration": {
".validate": "newData.isNumber()"
},
"apkUrl": {
".validate": "newData.isString()"
},
"description": {
".validate": "newData.isString()"
},
"name": {
// Semver regex
".validate": "newData.isString() && newData.val().matches(/^(\\d+)(\\.(\\d+)(\\.(\\d+))?)?(-(.+))?$/)"
},
"timestamp": {
".validate": "newData.isNumber()"
},
"silent": {
".validate": "newData.val() == null || newData.isBoolean()"
},
"downloads": {
".validate": "newData.isNumber()"
},
"installs": {
".validate": "newData.isNumber()"
},
"$other": {
".validate": false
}
}
}
},
"$other": {
".validate": false
}
},
"analytics": {
"downloads": {
"$application_id": {
"$version_id": {
".validate": "root.child('store').child('applications').child($application_id).exists() && root.child('store').child('versions').child($application_id).child($version_id).exists()",
"$uid": {
".write": "$uid === auth.uid",
".validate": "newData.isNumber()"
}
}
}
},
"installs": {
"$application_id": {
"$version_id": {
".validate": "root.child('store').child('applications').child($application_id).exists() && root.child('store').child('versions').child($application_id).child($version_id).exists()",
"$uid": {
".write": "$uid === auth.uid",
".validate": "newData.isNumber()"
}
}
}
},
"$other": {
".validate": false
}
},
"$other": {
".validate": false
}
}
}