firebase rules, javascript style
npm install firebase-js-rulesfirebase rules, javascript style -
EXPERIMENTAL, tested but not used in production
The current way to create security rules for firebase
is to edit a JSON file and then validate.
Single file, no variables, no comments, no syntax highlighting, lots of repetitions.
• Example • Features • API • License
``javascript
var R = require('../index')
var rulesJSON = JSON.parse({
"users": {
"$user": {
".read": true,
".write": true,
".validate": "newData.hasChildren(['name','age'])"
}
}
})
//produces the same result (rJSON deep equal rJS)
var rulesJS = R({
users: R({
$user: R()
.read(true)
.write((auth, $user) => $user === auth.uid)
.validate(newData => newData.hasChildren(['name', 'age']))
})
})
//write to file
.save('./firebase-rules.json')
`
friendly with other javascript tools: linters, highlighers, autosuggest*, ...
* variables to individually define, re-use or augment rule-sets or rule-templates
* commonJS module to individually prepare and test sets of rules and group them last
Two other tools already exist:
* firebase-bolt a YAML format that requires learning another syntax
* firebase-blaze another YAML format - DEPRECATED
R([template]) => ruleObject with the following methods.read(logic)
* => ruleObject with added property.write(logic)
* => ruleObject with added property.indexOn(logic)
* => ruleObject with added property.save([fileName])
* nest in {rules: ruleObject} and saves to a JSON file
rule logic is eitherstring
* a JSON primitive to be used as-is: , boolean, null
* an arrow-function expression:
* Only arrow functions and no curly braces to only allow expressions
* Function is run before extrating the body string to make sure that the variables methods are allowed
Released under the MIT License