diff --git a/firestore.rules b/firestore.rules index ee0ef14b..691a5a91 100644 --- a/firestore.rules +++ b/firestore.rules @@ -200,8 +200,9 @@ service cloud.firestore { // Read: both members can read allow read: if isCouplesMember(coupleId); - // Create: acceptor creates the couple doc during pairing (client-side). - // Must be a member of the couple and include required fields. + // Create: server-side only via the acceptInviteCallable Cloud Function. + // The Admin SDK bypasses these rules. The shape check remains as defense + // in depth in case any other trusted server process creates a couple doc. allow create: if isSignedIn() && request.auth.uid in request.resource.data.userIds && request.resource.data.keys().hasAll([