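rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    // These rules govern CLIENT SDK traffic only. Anything that writes through
    // the Admin SDK / a service account (Cloud Functions, the MCP server)
    // bypasses them completely. "The server needs to write here" is therefore
    // never a reason to open a rule with `if true`: that opens the path to any
    // unauthenticated client that knows the (public) project ID.

    // Signed-in caller owns the existing document (resource.data.userId).
    // Note: a list query against an owner-gated collection must itself filter
    // on userId == request.auth.uid, otherwise Firestore rejects the query.
    function ownsDoc() {
      return request.auth != null && resource.data.userId == request.auth.uid;
    }

    // Drug catalog: public and read-only; maintained via console / Admin SDK.
    match /drugs/{drugId} {
      allow read: if true;
      allow write: if false;
    }

    // Agents: one document per MCP agent. Holds the bearer token the MCP
    // server checks server-side, so the document is owner-only in every mode.
    match /agents/{agentId} {
      allow read: if ownsDoc();

      // Create: the document must belong to the caller and carry exactly the
      // expected field set. hasAll() alone allowed arbitrary extra fields; the
      // added hasOnly() closes that, and the type checks stop a client from
      // storing a non-string name/token that downstream code would not expect.
      // NOTE(review): the original comment says creation goes through the
      // generateBearerToken Cloud Function. If that function writes with the
      // Admin SDK this client-side create path is unused and should become
      // `if false`, so clients can never choose their own token value; confirm
      // with the function's code before tightening further.
      allow create: if request.auth != null
        && request.resource.data.userId == request.auth.uid
        && request.resource.data.keys().hasAll(['userId', 'name', 'bearerToken', 'createdAt', 'lastUsedAt'])
        && request.resource.data.keys().hasOnly(['userId', 'name', 'bearerToken', 'createdAt', 'lastUsedAt'])
        && request.resource.data.name is string
        && request.resource.data.bearerToken is string;

      // Update: only lastUsedAt may change; userId and bearerToken are frozen.
      allow update: if ownsDoc()
        && request.resource.data.diff(resource.data).affectedKeys().hasOnly(['lastUsedAt']);

      allow delete: if ownsDoc();
    }

    // Usage events: written by the MCP server, read by the owning user.
    match /usage_events/{eventId} {
      allow read: if ownsDoc();

      // Created by the MCP server through the Admin SDK, which bypasses rules,
      // so no client-credential write is ever legitimate here. The previous
      // `allow create: if true` let any unauthenticated client insert events
      // with an arbitrary userId into another user's history. Deny outright;
      // the server's writes are unaffected.
      allow create, update, delete: if false;
    }

    // Active drugs: per-agent effect state, managed by the MCP server
    // (Admin SDK). Users may read their own; no client writes.
    match /active_drugs/{drugId} {
      allow read: if ownsDoc();
      allow write: if false;
    }

    // OAuth authorization codes: short-lived, handled only by Cloud Functions.
    match /oauth_codes/{codeId} {
      allow read, write: if false;
    }

    // OAuth registered clients (RFC 7591 dynamic registration): handled only
    // by Cloud Functions.
    match /oauth_clients/{clientId} {
      allow read, write: if false;
    }

    // Legacy api_keys: deprecated, to be removed once migration to /agents
    // bearer tokens is complete. The previous `allow read: if true` exposed
    // every stored key to unauthenticated reads. Server-side validation via
    // the Admin SDK does not need this rule; if some client still has to read
    // its own legacy key during migration, gate that on ownership rather than
    // reverting to a public read.
    match /api_keys/{keyId} {
      allow read, write: if false;
    }
  }
}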