Skip to content

test: cover members-only Firestore access rules #77

Description

@daliu

Goal

Protect the confidentiality boundary needed by the planned member discounts page with direct emulator regression tests.

Scope

  • Add tests for the existing members_only Firestore collection.
  • Do not change production rules or application behavior in this ticket.

Acceptance criteria

  • Anonymous users cannot read members_only documents.
  • Signed-in unverified users cannot read members_only documents.
  • Members can read members_only documents.
  • Admins can read members_only documents through the existing admin rule.
  • Non-admin users cannot create, update, or delete members_only documents.
  • The Firestore rules test suite passes.

Metadata

Metadata

Assignees

Labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions