npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@smallstack/js2fr

v0.2.7

Published

Generates Cloud Firestore helper functions for schema validation using JSON Schema.

Downloads

382

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

maxfriedmannmaxfriedmann

Keywords

firestorejson schemageneratorgenerate

Readme

JS2FR - JSON Schema to Firestore Rules Generator

This project is a fork of https://github.com/pheekus/svarog. The original project is no longer maintained. This fork is an attempt to keep the project alive and add new features.

js2fr is a CLI that helps you protect your Firestore schema from unwanted mutations. It generates a set of of helper functions based on JSON Schema files that you can use in your Security Rules to validate user input.

Getting started

Step 1: describe your schema

js2fr was designed to be compatible with JSON Schema 7 - the latest draft of the JSON Schema standard. To get started, create a folder in your project directory, place your schema in a *.schema.json file and give it an $id:

{
	"$schema": "http://json-schema.org/draft-07/schema",
	"$id": "Apple",
	"type": "object",
	"properties": {
		"color": {
			"type": "string",
			"enum": ["green", "red"]
		}
	},
	"required": ["color"]
}

You can use any built-in type to describe your database schema. However, you should also keep in mind that not all of the JSON Schema features are supported at the moment.

Using Firestore data types

js2fr includes basic support for Timestamp, Bytes, LatLng and Path Firestore field types. To enable type checking on such fields, register the appropriate schemas in definitions section and then reference them in your main schema with $ref like this:

{
	"$schema": "http://json-schema.org/draft-07/schema",
	"$id": "FirestoreExample",
	"type": "object",
	"definitions": {
		"Timestamp": {}
	},
	"properties": {
		"date": { "$ref": "#/definitions/Timestamp" }
	}
}

Step 2: run js2fr

Once you have your schema ready, install and run Svarog:

$ npm i -g @smallstack/json-schema-to-firestore-rules
$ js2fr "**/*.schema.json" "firestore.rules" --verbose

The last command will pull every file ending with .schema.json, run the compiler and append a minified code snippet to the firestore.rules file. You can run this command every time you update your schema, and it will replace the generated snippet for you automatically if both old and new helpers were created with the compatible versions of CLI.

Step 3: call isValid() in Security Rules

The code we generated in the previous step exposes isValid($id: string): boolean function that you can use in your Security Rules together with other assertions:

match /apples/{appleId} {
  allow write: if isValid("Apple");
}

js2fr will apply a strict schema check when a document is created (assuring that all required properties are present and nothing out of the schema is added), and a loose one on each update (when some properties defined in schema may be missing from the patch object).

Common pitfalls

  • The $id field is very important as it will be used when calling the isValid function inside your firestore security rules. Make sure it is unique and does not contain any special characters.
  • The firestore.rules must have the LF line ending. If you are using Windows, you can convert the file using the following command: Get-Content firestore.rules -Raw | Set-Content -NoNewline -Encoding UTF8 firestore.rules

CLI reference

USAGE
  $ js2fr INPUT [OUTPUT]

ARGUMENTS
  INPUT   input file containing JSON Schema or a glob pattern
  OUTPUT  target file where Svarog will output security rule helpers

OPTIONS
  -f, --force    overwrites existing Svarog code unconditionally
  -h, --help     displays this message
  -v, --verbose  enables progress logs during compilation

Compatibility to https://github.com/pheekus/svarog

We decided to rename the CLI and the tag being used inside the generated code to js2fr to avoid confusion with the original project. The generated code is still compatible with the original project, so you can use it in your existing projects without any changes.