
In progress
Milestone 1 – Technical Governance & Structural Audit (Cap 25h)

1) GitHub Governance Review
• Org structure
• Repo setup
• Role & permission validation
• Branch protection rules
• Workflow strategy (PR, code review flow)
• Secret exposure validation

2) Firebase & Infra Review
• Auth configuration
• Firestore rules
• Storage permissions
• IAM roles
• API key exposure
• Environment structure
• Cloud messaging config

3) Admin Panel Structural & Security Review
• Role-based access control validation (Admin vs Staff)
• Server-side authorization enforcement (not only UI-level)
• Data write/update/delete permission checks
• Sensitive operations validation (approve/decline, manage users, etc.)
• Validation of input sanitization
• Logging & traceability checks
• Risk of privilege escalation

4) High-Level Code & Architecture Review
• Modularization quality
• Separation of concerns
• Dependency management
• Hardcoded logic
• Scalability red flags
• Early technical debt indicators
Project ID: 40273944
8 proposals
Remote project
Active 5 days ago
8 freelancers are bidding an average of $23 USD/hour on this job

Good to see this project. I will conduct a full technical governance and structural audit across your GitHub organization, Firebase infrastructure, admin panel, and codebase. The review will cover org structure, repo permissions, branch protection, secret exposure, Firestore rules, IAM roles, admin panel authorization enforcement, and code architecture quality - with a structured report and prioritized action items for each area.

One critical area I will focus on is validating that server-side authorization in your admin panel truly enforces the same restrictions shown in the UI. In many Firebase-based setups, Firestore security rules and Cloud Function checks do not fully mirror frontend role distinctions between Admin and Staff. This creates privilege escalation paths that only surface under targeted testing, not normal usage. I will map each sensitive operation to its backend enforcement to identify any gaps.

Questions:
1) How many repositories and Firebase projects are in scope for this milestone?
2) Is the admin panel built with a specific framework (React, Angular, Vue) and does it use Firebase Auth for session management?
3) Are there any existing security policies or prior audit reports I should review as a baseline?

Looking forward to discussing further. Best regards, Faizan
$19 USD in 40 days
3.8

Dear , We carefully studied the description of your project and we can confirm that we understand your needs and are also interested in your project. Our team has the necessary resources to start your project as soon as possible and complete it in a very short time. We have been in this business for 25 years and our technical specialists have strong experience in Security, Cloud Security, GitHub, Risk Assessment, Data Protection and other technologies relevant to your project. Please review our profile https://www.freelancer.com/u/tangramua where you can find detailed information about our company, our portfolio, and the clients' recent reviews. Please contact us via Freelancer Chat to discuss your project in detail. Best regards, Sales department Tangram Canada Inc.
$25 USD in 5 days
3.2

❤️❤️❤️ Hello, there❤️❤️❤️ I can run a full technical governance and security audit across all milestones. I will review GitHub rules, workflows, permissions, and secret exposure risks. I will audit Firebase auth, rules, IAM, APIs, and environment security. I will validate admin panel access control and prevent privilege escalation. My rate is $22 per hour with a 25-hour cap, delivered within 7 days.
$22 USD in 25 days
0.0

Hi, I’ve led similar reviews across GitHub orgs, Firebase stacks, and admin panels in production SaaS environments over the past 8+ years. For GitHub I’ll assess org permissions, branch protection, PR flow, workflow enforcement, and secret exposure risk (including Actions secrets and token scopes). On Firebase/infra I’ll review Auth providers, Firestore/Storage rules, IAM bindings, API key exposure patterns, and Cloud Messaging configuration to identify privilege drift or misconfigured rules. For the admin panel I’ll validate true server-side RBAC enforcement, check write/delete paths, sensitive operations (approve/manage users), input sanitization, and privilege escalation vectors. I’ll also evaluate logging depth and traceability. Architecture review will focus on separation of concerns, modular boundaries, dependency hygiene, hardcoded logic, and early scalability debt signals. Cap 25h is realistic for a high-signal assessment with a prioritized risk report. Do you want findings delivered as a risk matrix (severity/impact/mitigation) or narrative technical report? Thank you
$20 USD in 40 days
0.0

Hello, I can perform a comprehensive technical governance and structural audit covering GitHub, Firebase infrastructure, the admin panel, and the overall code architecture. I will review repository governance, roles and permissions, branch protection, PR workflows, and check for potential secret exposure. On the infrastructure side, I will analyze Firebase authentication, Firestore rules, storage permissions, IAM roles, API key safety, and environment configuration. I will also validate the admin panel’s role-based access control, server-side authorization, data permissions, input validation, and privilege escalation risks. Finally, I will conduct a high-level code and architecture review to identify security gaps, scalability risks, and early technical debt, and provide a clear report with actionable recommendations.
$25 USD in 30 days
0.0

Chicago, Brazil
Payment method verified
Member since Mar 3, 2026