rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /user_profiles/{uid} {
    	allow read;
    	allow write: if request.auth.uid == uid;
    }
    match /users_private_info/{uid} {
    	allow read, write: if request.auth.uid == uid;
    }
    match /users_private_info/{uid}/tokens/{token} {
      allow read, write: if request.auth.uid == uid;
    }
    match /users_private_info/{uid}/chats/{chatId} {
      allow read, write: if request.auth.uid == uid;
    }
    match /users_algorithm_data/{uid} {
    	allow read, write: if request.auth.uid == uid;
    }
    match /user_statuses/{uid} {
    	allow read: if request.auth != null;
      allow write: if request.auth.uid == uid;
    }    
    match /chats/{chatId} {
    	allow read, write: if request.auth.uid in resource.data.participants;
      match /messages/{messageId} {
      	// use get() to check that authenticated user is a participant (for now i don't have sufficient reads)
      	allow read;
        allow create: if request.auth.uid == request.resource.data.senderUid;
        allow update: if request.auth.uid == resource.data.senderUid || request.resource.data.diff(resource.data).changedKeys().hasOnly(["readOn"]);
      	allow delete: if request.auth.uid == resource.data.senderUid;
      }
    }
  }
}