diff --git a/firestore.rules b/firestore.rules index 885948c4..9193d637 100644 --- a/firestore.rules +++ b/firestore.rules @@ -279,15 +279,16 @@ service cloud.firestore { } // Date plan preferences: per-partner preferences for building date plans. - // Both members can read; each member can write their own preference. - match /date_plan_preferences/{userId} { + // Both members can read; either member can write a preference document. + // Document IDs are Firestore auto-IDs (not user IDs). + match /date_plan_preferences/{prefId} { allow read: if isCouplesMember(coupleId); allow create, update: if isCouplesMember(coupleId) - && request.resource.data.keys().hasOnly(['actions']) - && request.resource.data.actions.keys().hasOnly([request.auth.uid]) - && request.resource.data.actions[request.auth.uid].keys().hasOnly(['action', 'swipedAt']) - && request.resource.data.actions[request.auth.uid].action != null - && request.resource.data.actions[request.auth.uid].swipedAt is timestamp; + && request.resource.data.keys().hasAll(['dateIdeaId', 'createdAt', 'updatedAt']) + && request.resource.data.keys().hasOnly([ + 'dateIdeaId', 'preferredDate', 'preferredTime', + 'budget', 'duration', 'createdAt', 'updatedAt' + ]); allow delete: if false; }