Update Firestore rules for user data access and adjust Firestore port; refactor document timestamp handling for consistency

Novapool · Novapool · commit 23273037f252 · 2025-03-28T18:37:06.000-04:00
diff --git a/firebase.json b/firebase.json
@@ -40,7 +40,7 @@
       "port": 5001
     },
     "firestore": {
-      "port": 8080
+      "port": 8090
     },
     "hosting": {
       "port": 5010
diff --git a/firestore.rules b/firestore.rules
@@ -1,51 +1,34 @@
 rules_version = '2';
-
 service cloud.firestore {
   match /databases/{database}/documents {
-    // Helper functions
-    function isAuthenticated() {
-      return request.auth != null;
-    }
-    
-    function isOwner(userId) {
-      return isAuthenticated() && request.auth.uid == userId;
+    // Base rule - deny access by default
+    match /{document=**} {
+      allow read, write: if false;
     }
     
-    // Users collection
+    // User data - allow users to access their own data
     match /users/{userId} {
-      // Users can read and update their own profiles
-      allow read, update: if isOwner(userId);
-      // Only allow creation through Cloud Functions (triggered by Auth)
-      allow create: if false;
-      // Only allow deletion through Cloud Functions
-      allow delete: if false;
+      allow read, write: if request.auth != null && request.auth.uid == userId;
       
-      // Add rules for documents subcollection
-      match /documents/{documentType} {
-        allow read: if isOwner(userId);
-        // Allow Cloud Functions to write to this collection
-        allow write: if false;
+      // Allow access to documents subcollection
+      match /documents/{documentId} {
+        allow read, write: if request.auth != null && request.auth.uid == userId;
       }
       
-      // Add rules for predictions subcollection
+      // Allow access to data subcollection
+      match /data/{dataId} {
+        allow read, write: if request.auth != null && request.auth.uid == userId;
+      }
+      
+      // Allow access to predictions subcollection
       match /predictions/{predictionId} {
-        allow read: if isOwner(userId);
-        allow write: if false;
+        allow read, write: if request.auth != null && request.auth.uid == userId;
+      }
+      
+      // Allow access to calculations subcollection
+      match /calculations/{calculationId} {
+        allow read, write: if request.auth != null && request.auth.uid == userId;
       }
-    }
-    
-    // Courses collection - will be implemented later
-    match /courses/{courseId} {
-      // Users can read courses they're enrolled in
-      allow read: if isAuthenticated() && 
-        exists(/databases/$(database)/documents/users/$(request.auth.uid)/courses/$(courseId));
-      // Write operations will be handled by Cloud Functions
-      allow write: if false;
-    }
-    
-    // Default deny all
-    match /{document=**} {
-      allow read, write: if false;
     }
   }
-}
+}
diff --git a/functions-node/formatDocumentsData.js b/functions-node/formatDocumentsData.js
@@ -2,6 +2,7 @@ const OpenAI = require('openai');
 const functions = require('firebase-functions');
 const admin = require('firebase-admin');
 const { DOCUMENT_TYPES, normalizeDocumentType } = require('./constants/documentTypes');
+const { FieldValue } = require('firebase-admin/firestore'); 
 
 /**
  * Formats all document data using a single OpenAI API call to ensure consistent structure
@@ -140,6 +141,12 @@ exports.formatDocumentsData = async (userId, force = false) => {
     console.error('Error formatting data with OpenAI:', error);
     console.error(error.stack);
     
+    // Make sure documentsByType exists before using it
+    if (typeof documentsByType === 'undefined') {
+      console.log('documentsByType is undefined, creating empty object');
+      return createFallbackFormattedData({});
+    }
+    
     // Return a fallback format in case of error
     return createFallbackFormattedData(documentsByType);
   }
@@ -257,7 +264,7 @@ async function storeFormattedData(userId, formattedData) {
   try {
     await db.collection('users').doc(userId).collection('data').doc('formatted_data').set({
       formatted_data: formattedData,
-      lastUpdated: admin.firestore.FieldValue.serverTimestamp()
+      lastUpdated: FieldValue.serverTimestamp() 
     });
     
     console.log('Successfully stored formatted data');
@@ -296,7 +303,7 @@ async function updateDocumentStatus(userId, documents) {
     if (currentStatus === 'extracted') {
       batch.update(docRef, { 
         status: 'processed',
-        processedAt: admin.firestore.FieldValue.serverTimestamp()
+        processedAt: FieldValue.serverTimestamp()
       });
       updateCount++;
       console.log(`Marking document ${doc.id} as processed (type: ${docData.documentType})`);
