Comment by Kiro
2 years ago
Thank you for your response. While permissions sound like they can cover a lot of cases let's say I want to moderate with a list of banned words that are defined in a JSON or fetched from a service.
Ideally I would like exactly what you provide but be able to insert arbitrary server-side code that is run before the change is committed to the database.
I remember having the same "problem" with Firebase back in the day and ended up having to use a Cloud Function that listened on changes and updated records, but it was not a nice experience.
That's a great point Kiro. Down the road, we could look into introducing a more turing complete language, which you could use before a transaction runs. We decided to go with CEL for the sandboxing benefits.