Skip to content

Review Firebase security #1052

Description

@alexsb

Our firebase security relies on policy based access. We need to make sure the policies allow the following:

  1. Any user can create Firestore and firebase storage items
  2. Any user should be able to read and modify the items they created
  3. Any authenticated user should have full CRUD access to any document in the repository

We're trying to avoid a problem where unauthorized users can delete/modify documents that are not their own.

Update the Firebase policies to match that posture.

Metadata

Metadata

Labels

No labels
No labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

Status
Done

Relationships

None yet

Development

No branches or pull requests

Issue actions