Probus Security Overview🔐 Probus Security Overview
      Admin Access: This page is editable only by:

      • admin@combinedprobusclubofcherrybrook.org

      • combinedprobusclubcherrybrook@gmail.com


      All other committee members have read-only access.
    

      ✅ Authentication
      Firebase Authentication using email + password
All members have unique logins
Password complexity enforced: 8+ characters, capital letter, number, special character
Secure reset flow includes verification code and confirmation email


      ✅ Authorisation
      Session-based role detection using Firestore member profile
Helper functions: isAdmin(), isCommittee(), etc.
UI-level restrictions: admin-only fields hidden/disabled


      ✅ Firestore Rules & Data Access
      Read/write access enforced via Firestore security rules
Admin-only fields restricted by role
Logged-in members can read public data and their own profile


      ✅ Audit Logging
      Key actions (e.g. adding members, uploading images) are logged with timestamp and actor ID
Stored in auditLogs Firestore collection


      ✅ External Services
      📧 MailerSend used for transactional emails (via Firebase Function)
📩 MailerLite used for newsletter campaigns (sync via API proxy)
🖼 ImgBB used for image uploads, with preview, delete, and unused image cleanup


      ✅ Infrastructure
      Cloud Functions used for email, PDF generation (in progress), and API integration
Session state managed via sessionStorage
Deployment and config managed via Firebase CLI

    

🔐 Probus Security Overview

✅ Authentication

✅ Authorisation

✅ Firestore Rules & Data Access

✅ Audit Logging

✅ External Services

✅ Infrastructure

Combined Probus Club of Cherrybrook Inc.

Location

Contact