diff --git a/firestore.rules b/firestore.rules
index 29324d1c..885948c4 100644
--- a/firestore.rules
+++ b/firestore.rules
@@ -57,6 +57,19 @@ service cloud.firestore {
 && !request.resource.data.keys().hasAny(['hasPremium']);
 allow update: if isOwner(uid)
 && !request.resource.data.diff(resource.data).affectedKeys().hasAny(['hasPremium']);
+
+ // Entitlements written server-side only (RevenueCat webhook via Admin SDK).
+ // Client needs read access so FirestoreEntitlementChecker can observe premium state.
+ match /entitlements/{entitlementDoc} {
+ allow read: if isOwner(uid);
+ allow write: if false;
+ }
+
+ // Notification queue written server-side only (Cloud Functions).
+ // No client read needed; the app reacts to FCM push, not this collection.
+ match /notification_queue/{notificationId} {
+ allow read, write: if false;
+ }
 }
 
 // ── Date ideas (read-only catalog) ─────────────────────────────────────────
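Review bot: `allow write: if false;` on `/entitlements/{entitlementDoc}` and `allow read, write: if false;` on `/notification_queue/{notificationId}` deny only as long as no other `match` overlaps these paths, because Firestore grants a request when any matching rule allows it; a recursive wildcard such as `match /{document=**}` or a `{document=**}` under the parent elsewhere in the file would silently override both, and the enclosing `match` that binds `uid` for `isOwner` starts outside the hunk, so this cannot be confirmed here. Since the comments present these blocks as hard server-side-only boundaries, I'd add above each one `// Explicit deny does not override allows from overlapping matches; keep no recursive wildcard over this path.` so the assumption is visible to the next editor. I'd also back both paths with emulator rules tests (a signed-in client reading another user's entitlements is denied, any client write to entitlements or notification_queue is denied) so the intent is enforced rather than assumed.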