Currently, multiple API methods are available to retrieve donations. Components that handle donation data are currently managing what information is retrieved.
User stories:
As an API user, I want to provide options to filter what kind of donations I need to retrieve (e.g. only active donations, only donations of a certain category, donations that contain certain text in their description, donations submitted by a group of users)
As a front-end and back-end contributor, I want to work with a single method to retrieve donations
As a Component contributor, I don't want to manage claims within the component.
Acceptance criteria:
Users without any claims may only retrieve items they have submitted for donation
A claim should be provided as an attribute to permite a user to retrieve all donations
Firestore rules should be in place to control access to donations
The API has one method call to retrieve donations
Donations are cached with a rudimentary strategy and a preflight check takes place to update application state
Firestore rules permit read access to Firestore donation-related Collections when an authorized user has an admin claim. Authorized users without an admin claim are also permitted to read donations, however, Cloud Functions that carry-out retrieving donation data filter data that is provided to the user based on the user's present claim(s).
Currently, multiple API methods are available to retrieve donations. Components that handle donation data are currently managing what information is retrieved.
User stories:
Acceptance criteria:
Firestore rules permit read access to Firestore donation-related Collections when an authorized user has an admin claim. Authorized users without an admin claim are also permitted to read donations, however, Cloud Functions that carry-out retrieving donation data filter data that is provided to the user based on the user's present claim(s).