Closed technophile-04 closed 7 months ago
vercel[bot]
commented
7 months ago The latest updates on your projects. Learn more about Vercel for Git ↗︎
| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| grants-bg | ✅ Ready (Inspect) | Visit Preview | 💬 Add feedback | Apr 18, 2024 2:26pm |
technophile-04
commented
7 months ago Question:
Should have two icons here(they will be different) ? Like one just adding/updating note and another for editing the grant ?
Because currently, while adding note admin has to sign whole thing with grant title, desc etc
But if we have separate icon we may also want to create separate API endoint just to handled adding / updating note
Both seems fine to me, but would love to hear others thought 🙌
carletex
commented
7 months ago This is amazing @technophile-04
Thank you for the research. Found one bug (pushed a fix) + add another comment that I want to discuss.
Merging this for now so we can use it today!
Thanks!!!!
Description
Reference videos in order:
- [Firestore subcollections](https://youtu.be/o7d5Zeic63s?si=pmmARyYEKMxKB7X8) - [How to structure your data](https://youtu.be/haMOUb3KVSo?si=C0Y6WPzzG372qdi6) - [Security rules(not that importan)](https://youtu.be/haMOUb3KVSo?si=C0Y6WPzzG372qdi6)A bit about firebase sercurity rules which I didn't knew:
We create this rule in firestore console from firebase UI. The security are useful when you are using firebase client SDK and don't have any server in between. The security applied are bypassed when you are using firebase admin SDK. ^ Since firebase admin SDK is used in the server, it is assumed that the server is secure.Partial document retrieval is not supported in firebaseSDK:
When retrieving a document, all its data is fetched. You cannot omit some fields while getting a document in firebase sdk. If we add a field called `privateNote` in document, it will be fetched with the document even if we don't need it. So with the below code example: ```ts // https://github.com/BuidlGuidl/grants.buidlguidl.com/blob/8998f332dd6cca166b887e72cd7d08f135521b0e/packages/nextjs/services/database/grants.ts#L41 // Function is called when retrieving grants for a builder (/my-grants) const grantsSnapshot = await grantsCollection .where("builder", "==", userAddress) .get(); const grants: GrantData[] = []; grantsSnapshot.forEach((doc) => { grants.push({ id: doc.id, ...doc.data() } as GrantData); }); return grants; // ^ [{id: "1", privateNote: "this is private note" ...}] // privateNote will be present ```-To solve above problem basically not getting
privateNotefield in grant doc, people seem to use subcollection since they are not at all shown when you retrive a grant doc.So yup as mentioned yesterday a way to solve #113 :
Remove
privateNotefield manually from each grant on server before sending to grants forapi/builders/[builderAddress]/grants/ any endpoint expect adminUsing subcollection, because subcollections are not retrived when we query the parent collection.
Having a separate collection and refering its doc.id in grants document.
privateNoteIdwill always be present and we need to manually remove like in 1.The billing for 2. and 3. are the same (because they both will have same no of read in our case)
But yeah 3. is the same as 1. in our case, since we have server in b/w and not direclty interacting with firebase through firebase client SDK
Hence went with option 2. (So no private note filed is shown when retreiving grant until we explictly query for it) and also this didn't require updation to current api endpiont / function (like remove filed before sending from server)
Demo :
https://github.com/BuidlGuidl/grants.buidlguidl.com/assets/80153681/c8c7b5b2-450a-47d1-a2bb-ca7faf605963