Skip to content

YourDeveloperFriend/firebase-security-tester

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Firebase Security Rules Tester

Writing firebase security rules is tough, and it's hard to know whether or not they're working properly. The last thing you want is to leave a hole in your system that other's can read or write what they shouldn't have access to. Unfortunately, the firebase simulator kind of sucks. It's tedious and time consuming, and difficult to maintain consistency.

To Install:

npm install firebase-security-tester

Enter the Firebase Security Rules Tester. It's usage is simple:

var Tester = require('firebase-security-tester'),
  rules = require('./rules.json').rules,
  tester = new Tester(test_data, rules);
tester.canRead('/child1/child2');
// Output:
// {
//   value: true,
//   results: [{
//     url: '/',
//     rule: false,
//     result: false
//   }, {
//     url: '/child1',
//     rule: 'auth.id == data.child("user_id").val()',
//     result: false
//   }, {
//     url: '/child1/child2',
//     rule: '5+5==10',
//     result: true
//   }]
// };

Note about the grammar: Right now, I'm using pegjs grammar to parse the rules in the security.json. It's still in the beta stage, so let me know about any unexpected errors or bugs.

Coming Soon:

  • Validation handling

To find out more about firebase's rules system, read here: https://www.firebase.com/docs/security/rule-expressions/index.html

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published