Skip to content

Commit f4bdb8b

Browse files
flaucflauc
committed
feat(definitions): role update using service account; roles not breaking when a permission is undefined;
1 parent 6415a19 commit f4bdb8b

File tree

3 files changed

+11
-7
lines changed

3 files changed

+11
-7
lines changed

definitions/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
"version": "0.0.1",
44
"scripts": {
55
"process": "ts-node process.ts",
6-
"deploy:rules": "ts-node scripts/deploy-rules",
6+
"deploy:rules": "cross-env GOOGLE_APPLICATION_CREDENTIALS=./serviceAccountKey.json ts-node scripts/deploy-rules",
77
"build": "rm -rf dist && tsc",
88
"start": "tsc --w",
99
"setup": "cross-env FIRESTORE_EMULATOR_HOST=localhost:8080 ts-node setup.ts",

definitions/rules.ts

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@ const KEYS = ['get', 'list', 'create', 'update', 'delete'];
1919
const COLLECTIONS: Permissions = {
2020
_search: {
2121
get: [false],
22+
list: [false],
2223
create: [false],
2324
update: [false],
2425
delete: [false]
@@ -44,8 +45,7 @@ const DEFAULT_COLLECTION = () => ({
4445
delete: [false]
4546
});
4647

47-
const RULES_BASE = `
48-
rules_version = '2';
48+
const RULES_BASE = `rules_version = '2';
4949
service cloud.firestore {
5050
function hasRoles(roles) {
5151
return request.auth.token.role in roles
@@ -86,8 +86,7 @@ service cloud.firestore {
8686
match /databases/{database}/documents {
8787
[[R]]
8888
}
89-
}
90-
`;
89+
}`;
9190

9291
export async function compileRules() {
9392
const fs = firestore();
@@ -130,6 +129,10 @@ export async function compileRules() {
130129
permissions[key] = permissions[key].filter(Boolean);
131130
}
132131

132+
if (!permissions[key].length) {
133+
permissions[key] = [false];
134+
}
135+
133136
permissions[key] = permissions[key].join(' || ');
134137
}
135138

@@ -142,7 +145,7 @@ export async function compileRules() {
142145

143146
source.push(`
144147
match /${id}/{item=**} {
145-
${KEYS.map(key => `allow ${key}: if ${collection[key]};`).join('\n')}
148+
${KEYS.map((key, index) => `${index ? ' ' : ''}allow ${key}: if ${collection[key]};`).join('\n')}
146149
}
147150
`);
148151
}
@@ -162,5 +165,7 @@ export async function compileRules() {
162165

163166
const final = RULES_BASE.replace('[[R]]', source.join('\n'));
164167

168+
console.log('final', final);
169+
165170
await securityRules().releaseFirestoreRulesetFromSource(final);
166171
}

functions/src/triggers/role-updated.ts

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,6 @@ export const roleUpdated = functions
3636
});
3737

3838
if (diff) {
39-
4039
const {docs} = await fs.collection(Collections.Users)
4140
.where('role', '==', change.after.id)
4241
.get();

0 commit comments

Comments
 (0)