functions: - isUser(uid): auth.uid === uid schema: type: object properties: cards: type: object $card: type: object charges: type: object $charge: type: object coupons: type: object $coupon: type: object customers: type: object $customer: type: object plans: type: object $plan: type: object refunds: type: object $refund: type: object subscriptions: type: object $subscription: type: object access: # A charge can have a customer id to reference - location: /charges/$charge read: next.customer === root['customers'][auth.uid].id write: next.exists() && !prev.exists() # A card should have the same name as a customer - location: /cards/$card read: isUser($card) write: isUser($card) && next.exists() && !prev.exists() # Usually it's best to keep coupons secret - location: /coupons read: false write: false # Assumes customers are stored using Simple Login uids - location: /customers/$customer read: isUser($customer) write: isUser($customer) # Plans can be kept as read only - location: /plans read: true write: false # Refunds should be only granted via Firebase secret - location: /refunds read: false write: false # A subscription should have the same name as a customer - location: /subscriptions/$subscription read: isUser($subscription) write: isUser($subscription) && next.exists() && !prev.exists()