- User Profiles: Every user must have a profile. A user can only modify their own profile.
- Challenges & Prompts: These are managed by the Chief-AI-Editor/Admin. Users have read-only access.
- Submissions:
- Must be linked to a valid prompt and user.
- Visibility toggle (
isVisible) controls community access. - Users can only create/edit their own submissions.
- Comments:
- Can only be added to visible submissions.
- Users can only edit/delete their own comments.
- Chats:
- Private conversations between two users.
- Only the sender and receiver have read access.
- Events: Community events are read-only for users.
- Identity Theft: User A tries to update User B's profile.
- Shadow Submission: User A tries to create a submission claiming to be User B.
- Prompt Hijack: User A tries to create or delete a global writing prompt.
- Invisible Commenting: User A tries to comment on User B's private (isVisible: false) submission.
- Ghost Chat: User C tries to read a chat between User A and User B.
- Admin Spoofing: User A tries to set
isAdmin: trueon their own profile during creation. - Resource Poisoning: Submitting a 1MB string to a tiny field like
displayName. - Orphaned Submission: Creating a submission for a non-existent
promptId. - Relational Leak: Updating someone else's submission visibility.
- State Shortcut: Deleting a challenge that has active participants.
- PII Exposure: Reading the private
bioof another user who has not shared it. - Batch Inconsistency: Creating a comment without checking if the parent submission still exists.
I will implement firestore.rules using the "Master Gate" and "isValidEntity" patterns.
Verification of email_verified will be enforced for all writes.