@edgedev/firebase 1.7.3 → 1.7.5

package/README.md

@@ -374,12 +374,13 @@ Remove a role from a user for a collection:
 
 ### Root permissions and first user
 
-You can assign a user access to all collections in the entire project by giving them a role on "-", which is used to define the root collection path.  This would be for someone who is acting like a super admin.   If this is your first user, you will need to manually set them up in the Firstore console. Once a root user is added manually you can use this user to add other "root users" or setup other collections and assign roles to them.  The first time you login with your root user the collection-data/-default- role permissions document (mentioned above) will be automatically created.
+You can assign a user access to all collections in the entire project by giving them a role on "-", which is used to define the root collection path.  This would be for someone who is acting like a super admin.   If this is your first user, you will need to manually set them up in the Firstore console inside the "staged-users". Once a root user is added manually, you will need to "Register" that user using the docId of the "staged user" as the registration code, please see the user registration section of this documentation. You can use this user to add other "root users" or setup other collections and assign roles to them.  You will also need to manually create the collection-data/-default- role permissions document (mentioned above) and the root permission document, see examples below:
 
-| ![root-collection-roles](./images/root-collection-roles.png) | ![root-user](./images/root-user.jpg) |
-| ------------------------------------------------------------ | ------------------------------------ |
+![root-collection-roles](./images/default-collection-roles.png)
 
+![root-collection-roles](./images/root-collection-roles.png)
 
+![root-user](./images/root-user.png)
 
 ### User special permissions
 
@@ -1005,38 +1006,38 @@ service cloud.firestore {
         allow get: if checkPermission(seg1 + "-" + seg2, "read");
         allow list: if checkPermission(seg1, "read");
         allow create: if checkPermission(seg1, "write");
-        allow update: if checkPermission(seg1, "write");
+        allow update: if checkPermission(seg1 + "-" + seg2, "write");
         allow delete: if checkPermission(seg1, "delete");
         match /{seg3} {
           allow get: if checkPermission(seg1 + "-" + seg2 + "-" + seg3, "read");
           allow list: if checkPermission(seg1 + "-" + seg2, "read");
           allow create: if checkPermission(seg1 + "-" + seg2, "write");
-          allow update: if checkPermission(seg1 + "-" + seg2, "write");
+          allow update: if checkPermission(seg1 + "-" + seg2 + "-" + seg3, "write");
           allow delete: if checkPermission(seg1 + "-" + seg2, "delete");
           match /{seg4} {
             allow get: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4, "read");
             allow list: if checkPermission(seg1 + "-" + seg2 + "-" + seg3, "read");
             allow create: if checkPermission(seg1 + "-" + seg2 + "-" + seg3, "write");
-            allow update: if checkPermission(seg1 + "-" + seg2 + "-" + seg3, "write");
+            allow update: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4, "write");
             allow delete: if checkPermission(seg1 + "-" + seg2 + "-" + seg3, "delete");
 
             match /{seg5} {
               allow get: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4 + "-" + seg5, "read");
               allow list: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4, "read");
               allow create: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4, "write");
-              allow update: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4, "write");
+              allow update: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4 + "-" + seg5, "write");
               allow delete: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4, "delete");
               match /{seg6} {
                 allow get: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4 + "-" + seg5 + "-" + seg6, "read");
                 allow list: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4 + "-" + seg5, "read");
                 allow create: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4 + "-" + seg5, "write");
-                allow update: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4 + "-" + seg5, "write");
+                allow update: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4 + "-" + seg5 + "-" + seg6, "write");
                 allow delete: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4 + "-" + seg5, "delete");
                 match /{seg7} {
                   allow get: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4 + "-" + seg5 + "-" + seg6 + "-" + seg7, "read");
                   allow list: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4 + "-" + seg5 + "-" + seg6, "read");
                   allow create: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4 + "-" + seg5 + "-" + seg6, "write");
-                  allow update: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4 + "-" + seg5 + "-" + seg6, "write");
+                  allow update: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4 + "-" + seg5 + "-" + seg6 + "-" + seg7, "write");
                   allow delete: if checkPermission(seg1 + "-" + seg2 + "-" + seg3 + "-" + seg4 + "-" + seg5 + "-" + seg6, "delete");
                 }
               }

package/edgeFirebase.ts

@@ -44,6 +44,9 @@ import {
   connectAuthEmulator,
 } from "firebase/auth";
 
+
+import { getAnalytics, logEvent } from "firebase/analytics";
+
 interface FirestoreQuery {
   field: string;
   operator: WhereFilterOp; // '==' | '<' | '<=' | '>' | '>=' | 'array-contains' | 'in' | 'array-contains-any';
@@ -108,7 +111,7 @@ interface newUser {
     role: string,
     dynamicDocumentField: string, // This is the field in the document that will be set by the value of "dynamicDocumentFieldValue" passed during registration, like "name"
     documentStructure: {
-      [key: string]: any
+      [key: string]: unknown
     }
   };
 }
@@ -151,6 +154,7 @@ interface firebaseConfig {
   messagingSenderId: string;
   appId: string;
   emulatorAuth?: string;
+  measurementId?: string;
   emulatorFirestore?: string;
 }
 
@@ -174,6 +178,7 @@ export const EdgeFirebase = class {
       storageBucket: "",
       messagingSenderId: "",
       appId: "",
+      measurementId: "",
       emulatorAuth: "",
       emulatorFirestore: ""
     },
@@ -196,6 +201,10 @@ export const EdgeFirebase = class {
       connectFirestoreEmulator(this.db, "localhost", this.firebaseConfig.emulatorFirestore)
     }
 
+    if (this.firebaseConfig.measurementId) {
+      this.anaytics = getAnalytics(this.app);
+    }
+
     this.setOnAuthStateChanged();
   }
 
@@ -205,6 +214,14 @@ export const EdgeFirebase = class {
   public auth = null;
   public db = null;
 
+  private anaytics = null;
+
+  public logAnalyticsEvent = (eventName: string, eventParams: object = {}) => {
+    if (this.anaytics) {
+      logEvent(this.anaytics, eventName, eventParams);
+    }
+  };
+
   private initUserMetaPermissions = async (docSnap): Promise<void> => {
     this.user.meta = {};
     if (docSnap.exists()) {
@@ -352,6 +369,7 @@ export const EdgeFirebase = class {
         this.user.uid = userAuth.uid;
         this.user.logInError = false;
         this.user.logInErrorMessage = "";
+        this.logAnalyticsEvent("login", { uid: this.user.uid });
         this.waitForUser();
       } else {
         this.user.email = "";
@@ -417,7 +435,7 @@ export const EdgeFirebase = class {
         initRoleHelper["edge-assignment-helper"] = {permissionType: "roles"}
         await setDoc(doc(this.db, "rule-helpers", response.user.uid), initRoleHelper);
         await updateDoc(doc(this.db, "staged-users/" + userRegister.registrationCode), stagedUserUpdate)
-        
+        this.logAnalyticsEvent("sign_up", { uid: response.user.uid});
         return this.sendResponse({
           success: true,
           message: "",
@@ -806,6 +824,7 @@ export const EdgeFirebase = class {
       if (this.unsubscibe[key] instanceof Function) {
         this.unsubscibe[key]();
         this.unsubscibe[key] = null;
+        this.data[key] = {};
       }
     }
     signOut(this.auth).then(() => {
@@ -829,7 +848,7 @@ export const EdgeFirebase = class {
       credentials.password
     )
     .then(() => {
-      // do nothing
+     // Do nothing
     })
     .catch((error) => {
       this.user.email = "";
@@ -1480,62 +1499,107 @@ export const EdgeFirebase = class {
     }
   };
 
-  // Composable to update/add a document
-  public storeDoc = async (
+  // TODO: Add documentation for this function
+  public changeDoc = async (
     collectionPath: string,
-    item: object,
+    docId: string,
+    item: object
   ): Promise<actionResponse> => {
-    const canWrite = await this.permissionCheck("write", collectionPath);
+    const canWrite = await this.permissionCheck("write", collectionPath + "/" + docId);
     if (!canWrite) {
       return this.sendResponse({
         success: false,
-        message: `You do not have permission to write to "${collectionPath}"`,
+        message: `You do not have permission to write to "${collectionPath}/${docId}"`,
         meta: {}
       });
     } else {
+      const docRef = doc(this.db, collectionPath, docId);
+      const docSnap = await getDoc(docRef);
+      if (!docSnap.exists()) {
+        return this.sendResponse({
+          success: false,
+          message: `Document "${docId}" does not exist in "${collectionPath}"`,
+          meta: {}
+        });
+      }
       const cloneItem = JSON.parse(JSON.stringify(item));
       const currentTime = new Date().getTime();
       cloneItem.last_updated = currentTime;
       cloneItem.uid = this.user.uid;
-      if (!Object.prototype.hasOwnProperty.call(cloneItem, "doc_created_at")) {
-        cloneItem.doc_created_at = currentTime;
-      }
-      if (Object.prototype.hasOwnProperty.call(cloneItem, "docId")) {
-        const docId = cloneItem.docId;
-        const canRead = this.permissionCheckOnly("read", collectionPath);
-        if (canRead) {
-          if (Object.prototype.hasOwnProperty.call(this.data, collectionPath)) {
-            this.data[collectionPath][docId] = cloneItem;
-          }
-        }
-        await setDoc(doc(this.db, collectionPath, docId), cloneItem);
+      await updateDoc(doc(this.db, collectionPath, docId), cloneItem);
+      return this.sendResponse({
+        success: true,
+        message: "",
+        meta: {}
+      });
+    }
+  };
+
+
+  public storeDoc = async (
+    collectionPath: string,
+    item: object,
+  ): Promise<actionResponse> => {
+    
+    const cloneItem = JSON.parse(JSON.stringify(item));
+    const currentTime = new Date().getTime();
+    cloneItem.last_updated = currentTime;
+    cloneItem.uid = this.user.uid;
+    if (!Object.prototype.hasOwnProperty.call(cloneItem, "doc_created_at")) {
+      cloneItem.doc_created_at = currentTime;
+    }
+    if (Object.prototype.hasOwnProperty.call(cloneItem, "docId")) {
+      const canWrite = await this.permissionCheck("write", collectionPath + "/" + cloneItem.docId);
+      if (!canWrite) {
         return this.sendResponse({
-          success: true,
-          message: "",
-          meta: {docId}
+          success: false,
+          message: `You do not have permission to write to "${collectionPath}/${cloneItem.docId}"`,
+          meta: {}
         });
-      } else {
-        const docRef = await addDoc(
-          collection(this.db, collectionPath),
-          cloneItem
-        );
-        const canRead = this.permissionCheckOnly("read", collectionPath);
-        if (canRead) {
-          if (Object.prototype.hasOwnProperty.call(this.data, collectionPath)) {
-            this.data[collectionPath][docRef.id] = cloneItem;
-          }
+      }
+      const docId = cloneItem.docId;
+      const canRead = this.permissionCheckOnly("read", collectionPath);
+      if (canRead) {
+        if (Object.prototype.hasOwnProperty.call(this.data, collectionPath)) {
+          this.data[collectionPath][docId] = cloneItem;
         }
-        await this.storeDoc(
-          collectionPath,
-          { ...cloneItem, docId: docRef.id }
-        );
+      }
+      await setDoc(doc(this.db, collectionPath, docId), cloneItem);
+      return this.sendResponse({
+        success: true,
+        message: "",
+        meta: {docId}
+      });
+    } else {
+      const canWrite = await this.permissionCheck("write", collectionPath);
+      if (!canWrite) {
         return this.sendResponse({
-          success: true,
-          message: "",
-          meta: {docId: docRef.id}
+          success: false,
+          message: `You do not have permission to write to "${collectionPath}"`,
+          meta: {}
         });
       }
+      const docRef = await addDoc(
+        collection(this.db, collectionPath),
+        cloneItem
+      );
+      const canRead = this.permissionCheckOnly("read", collectionPath);
+      if (canRead) {
+        if (Object.prototype.hasOwnProperty.call(this.data, collectionPath)) {
+          this.data[collectionPath][docRef.id] = cloneItem;
+        }
+      }
+      await this.storeDoc(
+        collectionPath,
+        { ...cloneItem, docId: docRef.id }
+      );
+      return this.sendResponse({
+        success: true,
+        message: "",
+        meta: {docId: docRef.id}
+      });
     }
+    
   };
 
   // Composable to delete a document

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@edgedev/firebase",
-  "version": "1.7.3",
+  "version": "1.7.5",
   "description": "Vue 3 / Nuxt 3 Plugin or Nuxt 3 plugin for firebase authentication and firestore.",
   "main": "index.ts",
   "scripts": {