BazaarPlanner/database.rules.json at main · oceanseth/BazaarPlanner · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
{
  "rules": {
    "usernames": {
      "$displayName": {
        ".read": "true",
        ".write": "auth != null && data.parent().parent().child('users').child(auth.uid).child('displayName').val().toLowerCase() === data.val()",
        ".validate": "newData.val().matches(/^[0-9a-z]*$/)"
      }
    },
    "users": {
      "$uid": {
        ".read": "true",
        ".write": "$uid === auth.uid",
        "isDonor": {
          ".validate": "!data.exists() || data.val() === true"
        },
        "runs": {
          ".read": "$uid === auth.uid",
          ".indexOn": ["t"],
          "$runId": {
            ".read": true
          }
        }
      }
    },
    "topDonors": {
      ".read": true,
      ".write": false,
      ".indexOn": ["amount"]
    },
    "usersonline": {
      ".read": "true",
      ".indexOn": ".value",
      "$uid": {
        ".read": "true",
        ".write": "(auth != null && auth.uid === $uid) ||
                   (!newData.exists() &&
                    data.exists() &&
                    data.val() < (now - 1000*60*5))",
        ".validate": "!newData.exists() || newData.isNumber()"
      }
    },
    "puzzles": {
      "current": {
        ".read": true,
        ".write": false
      },
      "submissions": {
        "$submissionId": {
          ".read": true,
          ".write": "auth.uid === newData.child('byUID').val()"
        }
      },
      "$puzzleId": {
        "data": {
          ".read": true,
          ".write": false
        },
        "votes": {
          "$userId": {
            ".read": "$userId === auth.uid",
            ".write": "!data.exists() && auth.uid === $userId"
          }
        },
        "result":{
          ".write":false,
          ".read": "data.parent().child('votes').child(auth.uid).exists()"
        }
      }
    },
    "tinyurls": {
        "count": {
            ".read": true,
            ".write": "auth != null",
            ".validate": "newData.isNumber() &&
                        newData.val() === data.val() + 1",
        },
        "$count": {
            ".read": true,
            ".validate": "newData.child('url').exists() &&
                        newData.child('uid').exists() &&
                        $count == (data.parent().child('count').val()+1)+'' &&
                        newData.child('uid').val() === auth.uid",
            ".write": "auth != null"
        }
    },

    "polls": {
      "harmpoll": {
        "$voteType": {

          "$uid": {
            ".write": "$uid === auth.uid",

            ".validate": "!data.exists() &&
                         !root.child('polls/harmpoll/yes').child($uid).exists() &&
                         !root.child('polls/harmpoll/no').child($uid).exists() &&
                         newData.child('timestamp').exists()",
            ".read": true
          }
        },
        "counts": {
          ".read": true,
          "$voteType": {
            ".write": "auth !== null",
            ".validate": "newData.isNumber() &&
                        data.exists() &&
                        newData.val() === data.val() + 1 &&
                        // Verify the same update includes the user's vote
                        newData.parent().parent().child($voteType).child(auth.uid).exists() &&
                        !data.parent().parent().child($voteType).child(auth.uid).exists() &&
                        // Verify user hasn't voted in the other option
                        !root.child('polls/harmpoll/' + ($voteType === 'yes' ? 'no' : 'yes')).child(auth.uid).exists()"
          }
        }
      }
    }
  }
}