allow resetting security rules (#318)

CHANGELOG.md

@@ -1,6 +1,7 @@
 ## 3.0.3
 
-Upgraded rxdart to ^0.28.0
+- Upgraded rxdart to ^0.28.0. Thank you [daniloapr](https://github.com/daniloapr)! [PR-315](https://github.com/atn832/fake_cloud_firestore/issues/315)
+- Exposed `securityRules`. [PR-318](https://github.com/atn832/fake_cloud_firestore/pull/318)
 
 ## 3.0.2
 

README.md

@@ -166,6 +166,10 @@ See <https://github.com/atn832/fake_cloud_firestore/blob/master/test/security_te
 
 Right now we only support operations on `DocumentReference`. Later we will implement security checks for batch requests, collections and queries. Furthermore, we do not support `timestamps` and `durations` yet. See [Fake Firebase Rules](https://pub.dev/packages/fake_firebase_security_rules) for an exhaustive list of what is and is not supported.
 
+#### Resetting security rules
+
+You can also dynamically change the security rules. This is useful if you want to first set up data without any restriction, then apply security rules for the actual tests.
+
 ## Features
 
 - Dump the state of the fake firebase with `FakeFirebaseFirestore.dump()`.
@@ -189,6 +193,7 @@ Right now we only support operations on `DocumentReference`. Later we will imple
 - Security rules:
   - Initialize `FakeFirebaseFirestore` with custom security rules.
   - `FakeFirebaseFirestore` takes authentication state from [firebase_auth_mocks](https://pub.dev/packages/firebase_auth_mocks) into account.
+  - Reset security rules.
   - `DocumentReference.get`, `set`, `update` and `delete` are protected.
 
 ## Compatibility table

lib/src/fake_cloud_firestore_instance.dart

@@ -35,9 +35,10 @@ class FakeFirebaseFirestore implements FirebaseFirestore {
   // Auth objects used to test the security of each request.
   final BehaviorSubject<Map<String, dynamic>?> authObject =
       BehaviorSubject<Map<String, dynamic>?>();
-  final FakeFirebaseSecurityRules securityRules;
   final Clock _clock;
 
+  FakeFirebaseSecurityRules securityRules;
+
   FakeFirebaseFirestore({
     Stream<Map<String, dynamic>?>? authObject,
     String? securityRules,

test/security_test.dart

@@ -1,4 +1,5 @@
 import 'package:fake_cloud_firestore/fake_cloud_firestore.dart';
+import 'package:fake_firebase_security_rules/fake_firebase_security_rules.dart';
 import 'package:firebase_auth_mocks/firebase_auth_mocks.dart';
 import 'package:rxdart/rxdart.dart';
 import 'package:test/test.dart';
@@ -67,6 +68,23 @@ void main() {
     expect(() => instance.doc('some_collection/doc1').get(), throwsException);
     expect(() => instance.doc('outside/doc2').get(), throwsException);
   });
+
+  test('getter setter', () async {
+    final instance = FakeFirebaseFirestore();
+    await instance.doc('users/user1').set({'name': 'zeta'});
+
+    // Can still read at this point.
+    // Gotta use `expectLater`. Otherwise, the read may happen after setting the
+    // security rules below. See
+    // https://pub.dev/documentation/matcher/latest/expect/completes.html
+    await expectLater(instance.doc('users/user1').get(), completes);
+
+    // Preventing future reads.
+    instance.securityRules =
+        FakeFirebaseSecurityRules(allowWriteOnlyDescription);
+    expect(() => instance.doc('users/user1').get(), throwsException);
+  });
+
   test('manually simulating authentication', () async {
     final auth = BehaviorSubject<Map<String, dynamic>?>();
     final instance = FakeFirebaseFirestore(