Skip to content

Commit 508e3f3

Browse files
rfontanarosarfontanarosa
authored
Update Firestore rules to version 2 (google#2447)
1 parent 3227a7b commit 508e3f3

File tree

1 file changed

+11
-6
lines changed

1 file changed

+11
-6
lines changed

firestore/firestore.rules

Lines changed: 11 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,8 @@
1414
* limitations under the License.
1515
*/
1616

17+
rules_version = '2';
18+
1719
// Define access rules for Firestore collections and documents.
1820
service cloud.firestore {
1921
match /databases/{database}/documents {
@@ -22,7 +24,8 @@
2224
* Fetches and returns the survey with the specified id.
2325
*/
2426
function getSurvey(surveyId) {
25-
return get(/databases/$(database)/documents/surveys/$(surveyId)).data;
27+
let doc = get(/databases/$(database)/documents/surveys/$(surveyId));
28+
return doc == null ? null : doc.data;
2629
}
2730

2831
/**
@@ -55,14 +58,16 @@
5558
* Returns the regular expression matching emails granted access.
5659
*/
5760
function getPassRegexp() {
58-
return get(/databases/$(database)/documents/passlist/regexp).data.regexp
61+
let doc = get(/databases/$(database)/documents/passlist/regexp);
62+
return doc == null ? null : doc.data.regexp;
5963
}
6064

6165
/**
6266
* Returns true iff the user's email is listed in the passlist or allowed via regex.
6367
*/
6468
function isPasslisted() {
65-
return request.auth.token.email.matches(getPassRegexp())
69+
let regexp = getPassRegexp();
70+
return (regexp != null && request.auth.token.email.matches(regexp))
6671
|| exists(/databases/$(database)/documents/passlist/$(request.auth.token.email));
6772
}
6873
@@ -78,7 +83,7 @@
7883
* survey.
7984
*/
8085
function canViewSurvey(survey) {
81-
return isSignedIn() &&
86+
return survey != null && isSignedIn() &&
8287
(isUnlistedOrPublic(survey) || getRole(survey) != null);
8388
}
8489

@@ -113,7 +118,7 @@
113118
* assigned this role by default.
114119
*/
115120
function canManageSurvey(survey) {
116-
return isSignedIn() && isOneOf(survey, [
121+
return survey != null && isSignedIn() && isOneOf(survey, [
117122
3 /* SURVEY_ORGANIZER */
118123
]);
119124
}
@@ -123,7 +128,7 @@
123128
* and submissions to the specified survey.
124129
*/
125130
function canCollectData(survey) {
126-
return isSignedIn() &&
131+
return survey != null && isSignedIn() &&
127132
(isUnlistedOrPublic(survey) || isOneOf(survey, [
128133
2 /* DATA_COLLECTOR */,
129134
3 /* SURVEY_ORGANIZER */

0 commit comments

Comments
 (0)