Skip to content
This repository has been archived by the owner on Sep 16, 2019. It is now read-only.

Database Permissions #13

Open
firebolt55439 opened this issue Jan 19, 2018 · 1 comment
Open

Database Permissions #13

firebolt55439 opened this issue Jan 19, 2018 · 1 comment
Assignees
Milestone

Comments

@firebolt55439
Copy link
Collaborator

Need to prevent: deletion of posts, editing after posting, editing other people's posts, viewing real names in user table.

@firebolt55439 firebolt55439 added this to the Push to v0.3 milestone Jan 19, 2018
@firebolt55439 firebolt55439 self-assigned this Jan 19, 2018
@firebolt55439
Copy link
Collaborator Author

Updated the rules slightly:

{
  "rules": {
      "courses": {
        ".read": true,
        ".write": "auth != null && auth.token.email.matches(/.*@students.harker.org$/)"
      },
      "reviews": {
        ".read": true,
        ".write": "auth != null && auth.token.email.matches(/.*@students.harker.org$/)"
      }
  }
}

Need to prevent editing after posting and editing other people's posts.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant