npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

firebase-rules-parser

v2.0.1

Published

Parser for Firebase rule files

Downloads

526

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

villevenalainenvillevenalainen

Keywords

firebaserulessecurityparser

Readme

firebase-rules-parser

Greenkeeper badge

Firebase rule parser parsers Firebase rule language files and emulates rules to check the access for different paths. Current version supports nearly all functionality of the rules language, except duaration, latlong and timestamp functions.

This project is a side project of ts-mock-firebase, which is a mocking library for professional unit testing with Firebase projects. Even so, it is also possible to use this librarary individually.

Getting started

Install the library:

yarn add firebase-rules-parser

or

npm install firebase-rules-parser

Initializing rules

To load rules into intepreter:

import createFirebaseRulesIntepreter from 'firebase-rules-parser';

// create an instance of intepreter
const rules = createFirebaseRulesIntepreter();
// load your rules 
rules.init(source);

Above, the source parameter is a string containing rules -file content. Init -method call, will automatically parse its content and if no parsing succeeds with no errors, rules are ready to be tested.

Checking access for a path

To check access for some path, you need to set up the case for the rule intepreter. Firebase rules are always tested against same path. So you need to define the path to resource what are you testing against. The path must be given in a full path form starting with /databases/DEFAULT/documents/my-collection/my-doc/my-subcollection/doc-here -form. In addition, you need to define the authentication state and the actual resource been accessed with the context object.


// create a context object for call
const context = createFirebaseRulesContext({
  // set up auth properties
  auth: {
    uid: '123', // authenticated user's id
    email: '[email protected]', // user's email
  },
  // define setup for resource 
  resource: {
    // set the document id 
    id: 'abc', 
    // set the actual document data
    data: {
      value: 123, // refered document's data
    }
  },
  // define a trigger for exists -function calls if any used in rules script
  onExistsCall: (path) => {
    return path === '/databases/DEFAULT/documents/users/123'; 
  },
  // define a trigger for get -function calls if any used in rules script
  onGetCall: (path) => {
    if (path === '/databases/DEFAULT/documents/users/123') {
      return {
        uid: '123',
        name: 'John Doe',
      }
    }
  }
});

const hasAccess = rules.hasAccess('/databases/DEFAULT/documents/users/123', context);

´hasAccess´ -method will return an object which contains all access right keys that were defined in rules script. If there were no allow -rule to set access to true or false, no key will be included in object. So for example, the result could something like this:

{
  read: true,
  update: true,
  create: false,
}

This would mean that the rules script defines that with path requested, read and update have been defined to be allowed and create is not. Delete is not defined at all, so that should be treated as false too.

Firebase rules allow support access keys: create, read, write, update, list and delete.

Note

Please note, that this library have been created on information got from Google's Firebase documentation and testing the Firebase. There have been no actual specification of rules language available during the development. So it is possible that there are some small differences between the parser and the actual Firebase's rules engine. Please let me know if you face any this kind of anomalities. The goal of this project is to emulate fully Firebase rules functionality.