Severity: LOW
Description
In lib/services/bill_service.dart, addMemberToGroup() reads the current member count in one Firestore call and writes the new member in a second, separate call. Nothing ties the write to the state that was read, so two requests arriving at the same time can both observe a count below the limit, both pass the check, and both write, leaving the group with more than maxGroupMembers members (a check-then-act race).
Recommendation
Either:
- Use a Firestore transaction so the read of the member list and the write that adds the member are committed atomically; Firestore retries the transaction if the document changed between read and commit.
- Or enforce the limit in Firestore security rules (already partially addressed: rules now enforce members.size() <= 2 on update).
The Firestore rule enforcement already mitigates this at the backend level, because an update that would produce a third member is rejected regardless of what the client checked. The client-side fix is optional but would provide better UX: the client sees a clear "group full" error before attempting a write instead of a rejected write, and the rule remains as the authoritative control.
Files
lib/services/bill_service.dart — addMemberToGroup() method
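As an added example (not the project's own code), the following shows the transactional form of addMemberToGroup() recommended above. The collection name `groups`, the `members` array field, the limit constant and the GroupFullException type are assumptions; the finding only names the method, maxGroupMembers and the `members.size() <= 2` rule.

```dart
import 'package:cloud_firestore/cloud_firestore.dart';

/// Upper bound on group size; assumed to match the `members.size() <= 2` rule.
const int maxGroupMembers = 2;

/// Thrown when the group is already full, so the UI can show a message
/// instead of surfacing a permission-denied error from the security rules.
class GroupFullException implements Exception {
  final String groupId;
  GroupFullException(this.groupId);
  @override
  String toString() => 'Group $groupId already has $maxGroupMembers members';
}

/// Adds [uid] to the group's `members` array. The size check and the write
/// happen inside one transaction, so two concurrent callers cannot both pass
/// the check: the second commit fails its version check and is retried with
/// the fresh member list, which is then full.
Future<void> addMemberToGroup(String groupId, String uid) async {
  final db = FirebaseFirestore.instance;
  // Assumed document path; the finding does not name the collection.
  final groupRef = db.collection('groups').doc(groupId);

  await db.runTransaction<void>((Transaction tx) async {
    // Reading through the transaction registers the document version that
    // the commit will be validated against.
    final snap = await tx.get(groupRef);
    if (!snap.exists) {
      throw StateError('Group $groupId does not exist');
    }
    final data = snap.data() ?? const <String, dynamic>{};
    final members = List<String>.from(data['members'] as List? ?? const []);

    if (members.contains(uid)) {
      return; // already a member; nothing to write (idempotent)
    }
    if (members.length >= maxGroupMembers) {
      // Throwing aborts the transaction; no write is attempted.
      throw GroupFullException(groupId);
    }
    // Write the exact list that was checked plus the new member.
    tx.update(groupRef, {'members': [...members, uid]});
  });
}
```

Keep the `members.size() <= 2` rule in place alongside this: the transaction gives the client a clean failure path and avoids a doomed write, but the rule is what prevents a modified or malicious client from exceeding the limit.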