From 7a346f62a8297bbf8c35df8b1aadb1c801040a71 Mon Sep 17 00:00:00 2001 From: Benoy Bose Date: Sun, 13 Apr 2025 13:29:36 +0530 Subject: [PATCH] Updated firestore rules and index --- .firebaserc | 5 +- firebase.json | 3 +- firestore.indexes.json | 166 +++++++++++++++++++++++++++++++++++++++++ firestore.rules | 21 +++--- 4 files changed, 179 insertions(+), 16 deletions(-) diff --git a/.firebaserc b/.firebaserc index 74dd134..7ea5cba 100644 --- a/.firebaserc +++ b/.firebaserc @@ -2,6 +2,7 @@ "projects": { "debug": "fitlien-dev", "qa": "fitlien-qa", - "release": "fitlien" + "release": "fitlien", + "default": "fitlien-dev" } -} \ No newline at end of file +} diff --git a/firebase.json b/firebase.json index abf2c13..dd93bf2 100644 --- a/firebase.json +++ b/firebase.json @@ -14,8 +14,7 @@ "firebase-debug.*.log", "*.local" ], - "predeploy": [ - ] + "predeploy": [] } ], "storage": { diff --git a/firestore.indexes.json b/firestore.indexes.json index fe4aa78..de60f82 100644 --- a/firestore.indexes.json +++ b/firestore.indexes.json @@ -1,5 +1,33 @@ { "indexes": [ + { + "collectionGroup": "day_pass_bookings", + "queryScope": "COLLECTION", + "fields": [ + { + "fieldPath": "userId", + "order": "ASCENDING" + }, + { + "fieldPath": "createdAt", + "order": "DESCENDING" + } + ] + }, + { + "collectionGroup": "day_pass_entries", + "queryScope": "COLLECTION", + "fields": [ + { + "fieldPath": "bookingId", + "order": "ASCENDING" + }, + { + "fieldPath": "entryDate", + "order": "ASCENDING" + } + ] + }, { "collectionGroup": "gyms", "queryScope": "COLLECTION_GROUP", @@ -13,6 +41,144 @@ "order": "ASCENDING" } ] + }, + { + "collectionGroup": "gyms", + "queryScope": "COLLECTION", + "fields": [ + { + "fieldPath": "userId", + "order": "ASCENDING" + }, + { + "fieldPath": "name", + "order": "ASCENDING" + } + ] + }, + { + "collectionGroup": "memberships", + "queryScope": "COLLECTION", + "fields": [ + { + "fieldPath": "gymId", + "order": "ASCENDING" + }, + { + "fieldPath": "createdAt", + "order": "DESCENDING" + } + ] + }, + { + "collectionGroup": "notifications", + "queryScope": "COLLECTION", + "fields": [ + { + "fieldPath": "clientId", + "order": "ASCENDING" + }, + { + "fieldPath": "timestamp", + "order": "DESCENDING" + } + ] + }, + { + "collectionGroup": "notifications", + "queryScope": "COLLECTION", + "fields": [ + { + "fieldPath": "clientId", + "order": "ASCENDING" + }, + { + "fieldPath": "type", + "order": "ASCENDING" + }, + { + "fieldPath": "timestamp", + "order": "DESCENDING" + } + ] + }, + { + "collectionGroup": "notifications", + "queryScope": "COLLECTION", + "fields": [ + { + "fieldPath": "ownerId", + "order": "ASCENDING" + }, + { + "fieldPath": "timestamp", + "order": "DESCENDING" + } + ] + }, + { + "collectionGroup": "notifications", + "queryScope": "COLLECTION", + "fields": [ + { + "fieldPath": "ownerId", + "order": "ASCENDING" + }, + { + "fieldPath": "type", + "order": "ASCENDING" + }, + { + "fieldPath": "timestamp", + "order": "DESCENDING" + } + ] + }, + { + "collectionGroup": "notifications", + "queryScope": "COLLECTION", + "fields": [ + { + "fieldPath": "trainerId", + "order": "ASCENDING" + }, + { + "fieldPath": "timestamp", + "order": "DESCENDING" + } + ] + }, + { + "collectionGroup": "notifications", + "queryScope": "COLLECTION", + "fields": [ + { + "fieldPath": "type", + "order": "ASCENDING" + }, + { + "fieldPath": "userId", + "order": "ASCENDING" + }, + { + "fieldPath": "timestamp", + "order": "DESCENDING" + } + ] + }, + { + "collectionGroup": "termsandconditions", + "queryScope": "COLLECTION", + "fields": [ + { + "fieldPath": "normalizedName", + "order": "ASCENDING" + }, + { + "fieldPath": "userUid", + "order": "ASCENDING" + } + ] } ], "fieldOverrides": [] diff --git a/firestore.rules b/firestore.rules index cf50f51..03eee86 100644 --- a/firestore.rules +++ b/firestore.rules @@ -1,19 +1,16 @@ rules_version = '2'; - service cloud.firestore { match /databases/{database}/documents { - - // This rule allows anyone with your Firestore database reference to view, edit, - // and delete all data in your Firestore database. It is useful for getting - // started, but it is configured to expire after 30 days because it - // leaves your app open to attackers. At that time, all client - // requests to your Firestore database will be denied. - // - // Make sure to write security rules for your app before that time, or else - // all client requests to your Firestore database will be denied until you Update - // your rules match /{document=**} { - allow read, write: if request.time < timestamp.date(2025, 1, 10); + allow read, write: if request.auth != null; + } + match /day_pass_bookings/{bookingId} { + allow read: if true; + allow write: if request.auth != null; + } + match /gyms/{gymId} { + allow read: if true; + allow write: if request.auth != null; } } } \ No newline at end of file