[feat(security)] : implement emergency quick-exit and disguised safe-view mode

firestore.rules

@@ -0,0 +1,66 @@
+rules_version = '2';
+service cloud.firestore {
+  match /databases/{database}/documents {
+    // Helper function to check if the current user is an admin
+    function isAdmin() {
+      return request.auth != null &&
+             request.auth.token.email != null &&
+             exists(/databases/$(database)/documents/admins/$(request.auth.token.email.toLowerCase()));
+    }
+
+    // Rules for the admins collection
+    match /admins/{email} {
+      allow read: if request.auth != null && (request.auth.token.email.toLowerCase() == email.toLowerCase() || isAdmin());
+      allow write: if isAdmin();
+    }
+
+    // Rules for user profiles
+    match /profiles/{userId} {
+      allow read: if request.auth != null;
+      allow create, update: if request.auth != null && request.auth.uid == userId;
+      allow delete: if isAdmin();
+    }
+
+    // Rules for stories
+    match /stories/{storyId} {
+      allow read: if true;
+      allow create: if request.auth != null;
+      allow update: if request.auth != null && (request.auth.uid == resource.data.author_id || isAdmin());
+      allow delete: if isAdmin();
+    }
+
+    // Rules for reactions
+    match /reactions/{reactionId} {
+      allow read: if true;
+      allow create, update: if request.auth != null;
+      allow delete: if request.auth != null && (request.auth.uid == resource.data.user_id || isAdmin());
+    }
+
+    // Rules for reports
+    match /reports/{reportId} {
+      allow read: if isAdmin();
+      allow create: if request.auth != null;
+      allow update, delete: if isAdmin();
+    }
+
+    // Rules for ngos
+    match /ngos/{ngoId} {
+      allow read: if true;
+      allow write: if isAdmin();
+    }
+
+    // Rules for ngo_requests
+    match /ngo_requests/{requestId} {
+      allow read: if isAdmin();
+      allow create: if request.auth != null;
+      allow update, delete: if isAdmin();
+    }
+
+    // Rules for testimonials
+    match /testimonials/{testimonialId} {
+      allow read: if true;
+      allow create: if request.auth != null;
+      allow update, delete: if isAdmin();
+    }
+  }
+}

src/App.tsx

@@ -1,5 +1,7 @@
 import { BrowserRouter as Router, Routes, Route } from 'react-router-dom';
 import { ThemeProvider } from './context/ThemeContext';
+import { SafetyProvider, useSafety } from './context/SafetyContext';
+import DisguiseView from './components/DisguiseView';
 import { Toaster } from 'react-hot-toast';
 import Navbar from './components/Navbar';
 import Home from './pages/Home';
@@ -21,14 +23,20 @@ import NotFound from './pages/NotFound';
 
 
 
-function App() {
+function AppContent() {
+  const { isDisguised } = useSafety();
+
   return (
-    <ThemeProvider>
-      <Router>
-        <ScrollToTop />
-        {/* // Global back-to-top button available across all pages */}
-        <BackToTop />
-        <div className="min-h-screen bg-gray-50 dark:bg-gray-900 transition-colors duration-200">
+    <Router>
+      <ScrollToTop />
+      {/* // Global back-to-top button available across all pages */}
+      <BackToTop />
+      <div className="min-h-screen bg-gray-50 dark:bg-gray-900 transition-colors duration-200">
+        {isDisguised && <DisguiseView />}
+        <div 
+          aria-hidden={isDisguised ? 'true' : undefined}
+          style={isDisguised ? { display: 'none' } : undefined}
+        >
           <Navbar />
           <main>
             <Routes>
@@ -48,9 +56,19 @@ function App() {
             </Routes>
           </main>
           <Footer />
-          <Toaster position="top-center" />
         </div>
-      </Router>
+        <Toaster position="top-center" />
+      </div>
+    </Router>
+  );
+}
+
+function App() {
+  return (
+    <ThemeProvider>
+      <SafetyProvider>
+        <AppContent />
+      </SafetyProvider>
     </ThemeProvider>
   );
 }