it("should let anyone create a room", async () => { const db = authedApp({ uid: "alice" }); const room = db.collection("rooms").doc("firebase"); await firebase.assertSucceeds( room.set({ owner: "alice", topic: "All Things Firebase" }) ); });
it("should enforce the createdAt date in user profiles", async () => { const db = authedApp({ uid: "alice" }); const profile = db.collection("users").doc("alice"); await firebase.assertFails(profile.set({ birthday: "January 1" })); await firebase.assertSucceeds( profile.set({ birthday: "January 1", createdAt: firebase.firestore.FieldValue.serverTimestamp() }) ); });
it("should only let users create their own profile", async () => { const db = authedApp({ uid: "alice" }); await firebase.assertSucceeds( db .collection("users") .doc("alice") .set({ birthday: "January 1", createdAt: firebase.firestore.FieldValue.serverTimestamp() }) ); await firebase.assertFails( db .collection("users") .doc("bob") .set({ birthday: "January 1", createdAt: firebase.firestore.FieldValue.serverTimestamp() }) ); });
it("should not let one user steal a room from another user", async () => { const alice = authedApp({ uid: "alice" }); const bob = authedApp({ uid: "bob" }); await firebase.assertSucceeds( bob .collection("rooms") .doc("snow") .set({ owner: "bob", topic: "All Things Snowboarding" }) ); await firebase.assertFails( alice .collection("rooms") .doc("snow") .set({ owner: "alice", topic: "skiing > snowboarding" }) ); });
it("should let anyone read any profile", async () => { const db = authedApp(null); const profile = db.collection("users").doc("alice"); await firebase.assertSucceeds(profile.get()); });