GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → willhlaw → Firestore Security Tests

willhlaw / Firestore Security Tests

Setup and run tests to verify Firestore security rules

Programming Languages

javascript
184084 projects - #8 most used programming language

Labels

securitytestingfirestorerules

Projects that are alternatives of or similar to Firestore Security Tests

Redux Firestore
Redux bindings for Firestore
Stars: ✭ 530 (+1225%)
Mutual labels:  firestore
Rulerz
Powerful implementation of the Specification pattern in PHP
Stars: ✭ 827 (+1967.5%)
Mutual labels:  rules
Firextensions
[DEPRECATED] 🔥 Unofficial Kotlin Extensions for the Firebase Android SDK.
Stars: ✭ 30 (-25%)
Mutual labels:  firestore
Startup Os
Working examples of Google's Open Source stack and deployment to the cloud.
Stars: ✭ 564 (+1310%)
Mutual labels:  firestore
Wild Workouts Go Ddd Example
Complete application to show how to apply DDD, Clean Architecture, and CQRS by practical refactoring of a Go project.
Stars: ✭ 756 (+1790%)
Mutual labels:  firestore
Fsfirestore
Functional F# library to access Firestore database hosted on Google Cloud Platform (GCP) or Firebase.
Stars: ✭ 22 (-45%)
Mutual labels:  firestore
Node Rules
Node-rules is a light weight forward chaining rule engine written in JavaScript.
Stars: ✭ 481 (+1102.5%)
Mutual labels:  rules
Nativescript Plugin Firebase
🔥 NativeScript plugin for Firebase
Stars: ✭ 990 (+2375%)
Mutual labels:  firestore
Android Udev Rules
Android udev rules list aimed to be the most comprehensive on the net
Stars: ✭ 810 (+1925%)
Mutual labels:  rules
Travelmantics
Firestore & firebase storage MVVM sample
Stars: ✭ 28 (-30%)
Mutual labels:  firestore
Precept
A declarative programming framework
Stars: ✭ 621 (+1452.5%)
Mutual labels:  rules
Rules
No description, website, or topics provided.
Stars: ✭ 6,421 (+15952.5%)
Mutual labels:  rules
Greet
Greet is a simple social network for Android written using Firebase Cloud Firestore and Cloud Functions
Stars: ✭ 23 (-42.5%)
Mutual labels:  firestore
Rulebook
100% Java, Lambda Enabled, Lightweight Rules Engine with a Simple and Intuitive DSL
Stars: ✭ 562 (+1305%)
Mutual labels:  rules
Roulette
A text/template based rules engine
Stars: ✭ 32 (-20%)
Mutual labels:  rules
Chat app
A flutter chat app built with firestore. It is clone of messenger.User can create stories,chat and search in real time.
Stars: ✭ 493 (+1132.5%)
Mutual labels:  firestore
Thenetwork Open
TheNetwork is a blog cum chat app. It's completely built using firebase. Users can post, comment, like and bookmark the blogs, also users can send follow requests to connect with people. Users can create events and also prepare an event roadmap. Pagination for realtime data is also included in chats, blogs and events.
Stars: ✭ 17 (-57.5%)
Mutual labels:  firestore
Paginate firestore
A flutter package to simplify pagination with firestore data 🗃
Stars: ✭ 40 (+0%)
Mutual labels:  firestore
Social Note
Social Note - Note-taking, sharing, time & location reminder
Stars: ✭ 38 (-5%)
Mutual labels:  firestore
Hoverboard
Conference website template
Stars: ✭ 935 (+2237.5%)
Mutual labels:  firestore
View All Similar Projects ➔

firestore-security-tests

standard-readme compliant

Setup and run tests to verify Firestore security rules

This library provides programmatic access to test Firestore security rules.

Table of Contents

Background

Firebase Real Time DataBase has an interactive UI for testing rules, but Firestore does not. Furthermore, the community have built libraries to programmatically test security rules Firebase RTDB, but nothing exists for Firestore. See this issue that gives additional background and inspired this library.

Install

  npm install firestore-security-tests --save-dev

Usage

1. CREDENTIALS

You need to set GOOGLE_APPLICATION_CREDENTIALS enviroment variables to the path of your project's credentials JSON path.

To get a credentials JSON file, read the Add Firebase to your app section of the Firebase Admin setup page:

To use the Firebase Admin SDKs, you'll need a Firebase project, a service account to communicate with the Firebase service, and a configuration file with your service account's credentials.

  1. Navigate to the Service Accounts tab in your project's settings page.
  2. Select your Firebase project. If you don't already have one, click Create New Project. If you already have an existing Google project associated with your app, click Import Google Project instead.
  3. Click the Generate New Private Key button at the bottom of the Firebase Admin SDK section of the Service Accounts tab.

After you click the button, a JSON file containing your service account's credentials will be downloaded. The environment variable GOOGLE_APPLICATION_CREDENTIALS will need to be the path to this JSON file.

2. Create a testResource object

There are two top-level objects source and testSuite. source contains information about the Rules you want to test (copy and paste your current Firestore/Storage rules here), while testSuite contains an array of test cases to run against the provided source.

Below is a contrived example you can use:

var testResourceObj = {
  source: {
    files: [
      {
        name: 'firestore.rules',
        content: `service cloud.firestore {
              match /databases/{database}/documents {match /{document=**} {allow read: if request.auth.uid != '7QLCpgSZ5CdaVhj52GC50jhe1o02-INVALID' allow write: if false
                }
              }
            }`
      }
    ]
  },
  testSuite: {
    testCases: [
      {
        expectation: 'ALLOW', // Can be 'ALLOW' or 'DENY'
        request: {
          auth: {
            uid: '7QLCpgSZ5CdaVhj52GC50jhe1o02'
          },
          path: '/databases/(default)/documents/licenses/abcd',
          method: 'get'
        },
        functionMocks: [
          {
            function: 'get',
            args: [{ exact_value: '/databases/(default)/documents/users/123' }],
            result: { value: { data: { accountId: 'abcd' } } }
          }
        ]
      }
    ]
  }
};

3. Create a test.js file

var testSecurityRules = require('firestore-security-tests').testSecurityRules;

var testResourceObj = {
  source: {
    files: [
      {
        name: 'firestore.rules',
        content: `service cloud.firestore {
              match /databases/{database}/documents {match /{document=**} {allow read: if request.auth.uid != '7QLCpgSZ5CdaVhj52GC50jhe1o02-INVALID' allow write: if false
                }
              }
            }`
      }
    ]
  },
  testSuite: {
    testCases: [
      {
        expectation: 'ALLOW',
        request: {
          auth: {
            uid: '7QLCpgSZ5CdaVhj52GC50jhe1o02'
          },
          path: '/databases/(default)/documents/licenses/abcd',
          method: 'get'
        },
        functionMocks: [
          {
            function: 'get',
            args: [{ exact_value: '/databases/(default)/documents/users/123' }],
            result: { value: { data: { accountId: 'abcd' } } }
          }
        ]
      }
    ]
  }
};

testSecurityRules(printResults, testResourceObj, { verbose: true });

function printResults(resultsObj) {
  var projectId = resultsObj.projectId,
    testResults = resultsObj.testResults,
    error = resultsObj.error,
    errMsg = resultsObj.errMsg;

  if (error) {
    return console.error('\n\ntestSecurityRules ERRORED:\n\n', errMsg, error);
  }

  console.log('\nTest results for '.concat(projectId, ':\n'));
  testResults.forEach(function(testResult) {
    return console.log(testResult.toString());
  });
}

4. Run it

$> GOOGLE_APPLICATION_CREDENTIALS=path/to/credential/file.json node ./test.js

Maintainers

@willhlaw

Versioning

We use SemVer for versioning. For the versions available, see the tags on this repository.

Contribute

PRs accepted.

Small note: If editing the README, please conform to the standard-readme specification.

License

MIT © 2017 Will Lawrence

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].