Our firebase security relies on policy based access. We need to make sure the policies allow the following:
- Any user can create Firestore and firebase storage items
- Any user should be able to read and modify the items they created
- Any authenticated user should have full CRUD access to any document in the repository
We're trying to avoid a problem where unauthorized users can delete/modify documents that are not their own.
Update the Firebase policies to match that posture.
Our firebase security relies on policy based access. We need to make sure the policies allow the following:
We're trying to avoid a problem where unauthorized users can delete/modify documents that are not their own.
Update the Firebase policies to match that posture.