From 80eaf29c94df1c50a8dea47f78077634100b1aee Mon Sep 17 00:00:00 2001
From: yinonov
Date: Thu, 12 Nov 2020 14:56:50 +0200
Subject: [PATCH 1/2] test(firestore): update firestore security rules

---
 firestore.rules | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/firestore.rules b/firestore.rules
index d57a64061..9066be573 100644
--- a/firestore.rules
+++ b/firestore.rules
@@ -37,9 +37,13 @@ service cloud.firestore {
 return affectedKeys.hasOnly(allowedFields);
 }
 
- function isPublic() {
+ function isOrUpdatesToPublic() {
 return 'status' in resource.data && resource.data.status == 'public';
 }
+
+ function isValidPrice() {
+ return false;
+ }
 
 // //////////////////
 match /sessions/{session} {
@@ -51,8 +55,10 @@ service cloud.firestore {
 );
 allow update: if isOwner(resource.data.owner.uid)
 && (
- !isPublic() ||
- editOnlyChangesFields(['title', 'description', 'thumbRef', 'level', 'price', 'activities', 'pillar', 'promo', 'relatedSessions', 'duration', 'entryId'])
+ !isOrUpdatesToPublic() ||
+
+ editOnlyChangesFields(['title', 'description', 'thumbRef', 'level', 'price', 'activities', 'pillar', 'promo', 'relatedSessions', 'duration', 'entryId'])
+
 );
 allow delete: if isOwner(resource.data.owner.uid) && !isPublic();
 }

From 43c034ff3a9699ad7683128560976d791220b4b2 Mon Sep 17 00:00:00 2001
From: yinonov
Date: Thu, 12 Nov 2020 19:19:44 +0200
Subject: [PATCH 2/2] session tests coverage

---
 firestore.rules | 38 ++++++++++++++++++++++++++++++--------
 functions/.gitignore | 2 +-
 functions/package.json | 1 +
 3 files changed, 32 insertions(+), 9 deletions(-)

diff --git a/firestore.rules b/firestore.rules
index 9066be573..018550960 100644
--- a/firestore.rules
+++ b/firestore.rules
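Review bot: The delete rule at the end of the second hunk still calls `isPublic()` although the first hunk of this patch renamed that helper to `isOrUpdatesToPublic()`, so the ruleset at this commit references an undefined function and would be rejected on deploy; the second patch in the series restores the original name, but this intermediate commit does not stand on its own. The renamed helper also still reads only `resource.data`, so despite its name it never looks at the status the request is writing. The enclosing `match /sessions/{session}` block starts outside the hunk.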
@@ -37,12 +37,31 @@ service cloud.firestore {
 return affectedKeys.hasOnly(allowedFields);
 }
 
- function isOrUpdatesToPublic() {
+ function isPublic() {
 return 'status' in resource.data && resource.data.status == 'public';
 }
 
- function isValidPrice() {
- return false;
+ function updatesToPublic() {
+ return 'status' in request.resource.data && request.resource.data.status == 'public';
+ }
+
+ function priceValid(data) {
+ return 'price' in data && data.price.keys().hasAll(['currency', 'display']);
+ // return 'price' in request.resource.data;
+ }
+
+ function jointResourcesCheckout(requiredFields){
+ return resource.data.keys()
+ .concat(request.resource.data.keys())
+ .hasAll(requiredFields);
+ }
+
+ function isStatusRequest() { return 'status' in request.resource.data }
+ function isPublishRequest() { return request.resource.data.status == 'public' }
+ function isValidPublishRequest() {
+ return
+ jointResourcesCheckout(['title', 'description', 'owner', 'price'])
+ && (priceValid(resource.data) || priceValid(request.resource.data));
 }
 
 // //////////////////
@@ -53,13 +72,16 @@ service cloud.firestore {
 ['title', 'owner'],
 ['description', 'type', 'format', 'thumbRef', 'level', 'price', 'activities', 'pillar', 'promo', 'relatedSessions', 'duration', 'when', 'eventId', 'resourceId']
 );
- allow update: if isOwner(resource.data.owner.uid)
- && (
- !isOrUpdatesToPublic() ||
 
- editOnlyChangesFields(['title', 'description', 'thumbRef', 'level', 'price', 'activities', 'pillar', 'promo', 'relatedSessions', 'duration', 'entryId'])
+ allow update: if
+ isOwner(resource.data.owner.uid)
+ && (
+ !isStatusRequest()
+ || !isPublishRequest()
+ || isValidPublishRequest()
+ )
+ && editOnlyChangesFields(['title', 'description', 'thumbRef', 'level', 'price', 'activities', 'pillar', 'promo', 'relatedSessions', 'duration', 'entryId', 'status']);
 
- );
 allow delete: if isOwner(resource.data.owner.uid) && !isPublic();
 }
 
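Review bot: `jointResourcesCheckout` and the `priceValid(resource.data) ||` branch of `isValidPublishRequest` let a publish succeed on the strength of the document as it was before the write: `request.resource.data` is already the full document as it will exist after the update, so a request that drops `price` (or replaces it with a map lacking `currency`/`display`) while the stored document still had a valid one is accepted, and the `.concat(...)` of the two key sets adds nothing the post-write keys do not already cover. Validate the post-write document only: `return request.resource.data.keys().hasAll(requiredFields);` in `jointResourcesCheckout`, and `&& priceValid(request.resource.data);` as the last line of `isValidPublishRequest`. The commented-out `// return 'price' in request.resource.data;` inside `priceValid` is dead code and should be dropped. `priceValid` only checks that the two keys exist, not what type their values have; either say so in a comment on the function or add an `is` type check per key.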
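Review bot: `isStatusRequest()` and `isPublishRequest()` read `request.resource.data`, which is the document after the write rather than the fields the client sent, so every update to a session that is already public — not only the transition to public — has to pass `isValidPublishRequest()`; if that is intended, state it on the rule: `// request.resource.data is the post-write document: any update that leaves status == 'public' must pass isValidPublishRequest()`. With `'status'` now in the editable-field list the rule accepts any value for it; if the application uses a closed set of statuses, a membership check next to `isPublishRequest()` would keep unexpected values out (the valid set is not visible here). The `match /sessions/{session}` block and its `allow create` rule start outside the hunk, so whether a document can be created directly with `status: 'public'` depends on that rule; the two field lists visible at the top of the hunk do not contain `status`, which suggests it cannot.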
diff --git a/functions/.gitignore b/functions/.gitignore
index e3c46bc3f..10263c112 100644
--- a/functions/.gitignore
+++ b/functions/.gitignore
@@ -6,7 +6,7 @@
 !.eslintrc.js
 
 # Except the test files
-test/**/*.js
+test/*.js
 
 # TypeScript v1 declaration files
 typings/
diff --git a/functions/package.json b/functions/package.json
index 504d41460..f9d8c307d 100644
--- a/functions/package.json
+++ b/functions/package.json
@@ -9,6 +9,7 @@
 "deploy": "firebase deploy --only functions",
 "logs": "firebase functions:log",
 "test": "mocha --exit",
+ "test:dev": "mocha --watch",
 "_comment": "use the 'getCustomConfig' to retrieve config which will also includes stripe token",
 "getCustomConfig": "firebase functions:config:get > .runtimeconfig.json"
 },