// Firestore Security Rules for TextAgent Share
// Deploy with: firebase deploy --only firestore:rules
// (requires firebase-tools: npm install -g firebase-tools)
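rules_version = '2';

service cloud.firestore {
  match /databases/{database}/documents {

    // Helper: the optional 'view' field, when present, must be 'ppt' or 'preview'.
    function validView() {
      return !('view' in request.resource.data)
        || request.resource.data.view == 'ppt'
        || request.resource.data.view == 'preview';
    }

    // Helper: payload 'd' must be a string shorter than 1048576 and 't' an int.
    // Shared by create and update so the two rules cannot drift apart.
    function validContent() {
      return request.resource.data.d is string
        && request.resource.data.d.size() < 1048576
        && request.resource.data.t is int;
    }

    // Helper: a write-token supplied at create time must be a string whose
    // size is between 16 and 64 inclusive.
    function validNewWriteToken() {
      return request.resource.data.wt is string
        && request.resource.data.wt.size() >= 16
        && request.resource.data.wt.size() <= 64;
    }

    match /shares/{docId} {
      // Shared-link access only needs single-document reads, so grant 'get' and
      // leave 'list' denied. 'allow read' covers both 'get' and 'list'; with
      // 'list' open, any unauthenticated client could query the whole collection
      // and receive every share together with its 'wt' write-token.
      // Clients that query the collection (rather than fetch by id) are denied.
      allow get: if true;

      // NOTE(review): 'wt' lives in the same document that 'get' exposes, so
      // anyone who can open a share link can also read its write-token and will
      // pass the ownership check in the update rule. Treat 'wt' as proof of
      // "knows the link", not of ownership, until the token is kept out of the
      // publicly readable document.

      // Allow create with strict validation:
      //   - Quick share:  { d, t, wt [, view] }
      //   - Secure share: { d, t, salt, secure, wt [, view] }
      //   - 'wt' is the write-token for ownership verification
      //   - 'view' is optional view-lock ('ppt' | 'preview')
      // hasOnly() rejects any extra key; the type checks below make d, t and wt
      // (plus salt and secure for a secure share) effectively required.
      allow create: if (
        // Quick share / cloud auto-save
        (request.resource.data.keys().hasOnly(['d', 't', 'wt', 'view'])
          && validContent()
          && validNewWriteToken()
          && validView())
        ||
        // Secure share
        // NOTE(review): 'salt' is only type-checked; no size bound is applied.
        (request.resource.data.keys().hasOnly(['d', 't', 'salt', 'secure', 'wt', 'view'])
          && validContent()
          && request.resource.data.salt is string
          && request.resource.data.secure == true
          && validNewWriteToken()
          && validView())
      );

      // Allow update only if write-token matches (ownership proof).
      // Backward compat: old docs without 'wt' can still be updated.
      //
      // NOTE(review): points to confirm against the client:
      //   - A legacy document (no stored 'wt') can be updated by any client, and
      //     that update sets 'wt', so the first writer claims the document.
      //   - The 16..64 size bounds on 'wt' are not applied here, so a legacy
      //     document can be given a 'wt' of any size, including empty.
      //   - The allowed key set excludes 'salt' and 'secure'. request.resource.data
      //     is the document as it would exist after the write, so a secure share
      //     can only be updated by a write that drops both fields, leaving it in
      //     quick-share shape. Verify that this is intended.
      allow update: if request.resource.data.keys().hasOnly(['d', 't', 'wt', 'view'])
        && validContent()
        && request.resource.data.wt is string
        && validView()
        && (
          // Doc has no write-token (legacy): allow update
          !('wt' in resource.data)
          ||
          // Write-token matches the stored one: allow update
          request.resource.data.wt == resource.data.wt
        );

      // Never allow deletes via client
      allow delete: if false;
    }

    // Deny access to all other collections by default.
    // This recursive wildcard also matches /shares documents; it grants nothing,
    // so the allows above remain the only source of access.
    match /{document=**} {
      allow read, write: if false;
    }
  }
}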