From 241b15c71c3947ad5ca5dfa7d213e84ca5565a22 Mon Sep 17 00:00:00 2001
From: andrashee <accounts@ahee.ch>
Date: Sun, 1 Dec 2024 12:00:17 +0100
Subject: [PATCH] Firestore: Adjust rules for campaigns

---
 firestore.rules                      |  4 ++++
 shared/tests/firestore.rules.test.ts | 15 ++++++++++++++-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/firestore.rules b/firestore.rules
index af5a45303..05f4400ea 100644
--- a/firestore.rules
+++ b/firestore.rules
@@ -79,6 +79,10 @@ service cloud.firestore {
     match /world-development-indicators/{data} {
       allow read: if true;
     }
+
+    match /campaigns/{document=**} {
+      allow create: if true;
+    }
   }
 
   match /databases/{database}/documents {
diff --git a/shared/tests/firestore.rules.test.ts b/shared/tests/firestore.rules.test.ts
index c4bfb1674..fc120ceef 100644
--- a/shared/tests/firestore.rules.test.ts
+++ b/shared/tests/firestore.rules.test.ts
@@ -5,11 +5,13 @@ import {
 	RulesTestEnvironment,
 } from '@firebase/rules-unit-testing';
 import { describe, expect } from '@jest/globals';
+import { DocumentData } from 'firebase-admin/firestore';
 import firebase from 'firebase/compat/app';
-import { collection, doc, getDoc, getDocs, query, setDoc } from 'firebase/firestore';
+import { addDoc, collection, doc, getDoc, getDocs, query, setDoc } from 'firebase/firestore';
 import * as fs from 'fs';
 import * as path from 'path';
 import { AdminUser } from '../src/types/admin-user';
+import { CAMPAIGN_FIRESTORE_PATH } from '../src/types/campaign';
 import { USER_FIRESTORE_PATH } from '../src/types/user';
 
 let testEnvironment: RulesTestEnvironment;
@@ -113,6 +115,17 @@ describe('Test user access', () => {
 	});
 });
 
+describe('Test campaign rules', () => {
+	it('Permission to create campaigns, but not reading them', async () => {
+		const ref = await addDoc(collection(userAppAccess, CAMPAIGN_FIRESTORE_PATH), {
+			title: 'TestCampaign',
+		} as DocumentData);
+		expect(ref.id).toBeDefined();
+
+		await assertFails(getDoc(doc(userAppAccess, CAMPAIGN_FIRESTORE_PATH, ref.id)));
+	});
+});
+
 afterAll(async () => {
 	await testEnvironment.cleanup();
 });