diff --git a/firestore.rules b/firestore.rules index a393ff07..a739b6bd 100644 --- a/firestore.rules +++ b/firestore.rules @@ -363,9 +363,10 @@ service cloud.firestore { // Accepts schemaVersion 3 (sealed:v1: partner-proof) or schemaVersion 2 (enc:v1: couple-key). match /answers/{userId} { allow read: if isCouplesMember(coupleId); - allow delete: if isOwner(userId); + allow delete: if false; allow create: if isCouplesMember(coupleId) && isOwner(userId) + && request.resource.data.userId == request.auth.uid && coupleEncryptionEnabled(coupleId) && ( isSealedThreadAnswerCreate(request.resource.data)