firebase-tools
Command-Line Interface for Firebase
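"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.init_firestore_rules = void 0;
const resource_1 = require("../../resource");
// Guide resource for coding agents. The returned text embeds the project's
// current firestore.rules (or a placeholder if the file is missing) followed
// by setup steps and a rules template. Note that the template's publicData
// block allows get and write with no authentication check.
exports.init_firestore_rules = (0, resource_1.resource)({
    uri: "firebase://guides/init/firestore_rules",
    name: "firestore_rules_init_guide",
    title: "Firestore Rules Init Guide",
    description: "guides the coding agent through setting up Firestore security rules in the project",
}, async (uri, { config }) => {
    return {
        contents: [
            {
                uri,
                type: "text",
                text: `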
# Firestore Rules
This guide walks you through updating the Firestore security rules and deploying them to ensure only authenticated users can access their own data.
Contents of the user's current \`firestore.rules\` file:
\`\`\`
${config.readProjectFile("firestore.rules", { fallback: "<FILE DOES NOT EXIST>" })}
\`\`\`
1. Create the personalData and publicData security rules (seen below). If the user has an existing \`firestore.rules\` file, integrate these with the user's existing rules.
2. Validate & fix the security rules using the \`firebase_validate_security_rules\` tool. Only continue to the next step when the \`firebase_validate_security_rules\` tool succeeds.
3. Update queries in the user's app to use the updated security rules.
4. Print the contents of the \`firestore.rules\` file, and then explain what they enforce below them (for example, what changes you've made to the rules, and what actions are allowed / prohibited on each entity). Ask the user for permission to deploy the rules. Do not continue until the user confirms. Deploy the security rules using \`firebase deploy --only firestore\` in the terminal. Do not tell the user to go to the console to deploy rules as this command will do it automatically.
For database entities that neatly fall into the "personal" and "public" categories, you can use the personalData and publicData rules. Use the following firestore.rules file, and add a comment above 'personalData' and 'publicData' to note what entities apply to each rule.
**Next Steps:**
- **App Deployment**: Deploy the app to production after Security Rules are verified to be working properly.
\`\`\`
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /personalData/{appId}/users/{uid}/{collectionName}/{docId} {
      allow get: if uid == request.auth.uid;
      allow list: if uid == request.auth.uid && request.query.limit <= 100;
      allow write: if uid == request.auth.uid;
    }
    match /publicData/{appId}/{collectionName}/{docId} {
      allow get: if true;
      allow list: if request.query.limit <= 100;
      allow write: if true;
    }
  }
}
\`\`\`
`.trim(),
            },
        ],
    };
});
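The access decisions the rules template encodes can be tabulated with a small model. This is an added example, not firebase-tools code and not the Firestore rules engine: `RULES`, `matchPath` and `isAllowed` are hypothetical names, the requests are constructed, and the model assumes a query without a limit is denied and reads the publicData list rule as a plain limit check.

```javascript
// Simplified model of the two match blocks in the template above.
// Real behaviour should be confirmed against the Firestore emulator.
const RULES = [
  { // /personalData/{appId}/users/{uid}/{collectionName}/{docId}
    pattern: ["personalData", "{appId}", "users", "{uid}", "{collectionName}", "{docId}"],
    allow: {
      // A null request.auth makes the uid comparison fail, so access is denied.
      get: (v, req) => req.auth !== null && v.uid === req.auth.uid,
      list: (v, req) => req.auth !== null && v.uid === req.auth.uid && req.limit <= 100,
      write: (v, req) => req.auth !== null && v.uid === req.auth.uid,
    },
  },
  { // /publicData/{appId}/{collectionName}/{docId}
    pattern: ["publicData", "{appId}", "{collectionName}", "{docId}"],
    allow: {
      get: () => true,
      list: (v, req) => req.limit <= 100,
      write: () => true, // no auth check: unauthenticated callers may write
    },
  },
];

// Match a document path against a pattern; returns bound wildcards or null.
function matchPath(pattern, path) {
  const segs = path.split("/").filter(Boolean);
  if (segs.length !== pattern.length) return null;
  const vars = {};
  for (let i = 0; i < segs.length; i++) {
    const m = /^\{(\w+)\}$/.exec(pattern[i]);
    if (m) vars[m[1]] = segs[i];
    else if (pattern[i] !== segs[i]) return null;
  }
  return vars;
}

// Default deny: a request passes only if some matching block allows it.
function isAllowed(method, path, req) {
  return RULES.some((rule) => {
    const vars = matchPath(rule.pattern, path);
    return vars !== null && rule.allow[method](vars, req);
  });
}

// Constructed requests (not from the page).
const anon = { auth: null, limit: 50 };
const alice = { auth: { uid: "alice" }, limit: 50 };
console.log("anon write publicData:", isAllowed("write", "/publicData/app1/posts/p1", anon));
console.log("alice get bob's data:", isAllowed("get", "/personalData/app1/users/bob/notes/n1", alice));
```

The first line printed is the case to review before deploying: the publicData block accepts writes from callers with no `request.auth`.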