Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/dergoegge/firebase-security-testing
Testing framework for firestore and firebase storage security rules.
https://github.com/dergoegge/firebase-security-testing
firebase security-rules security-testing testing-framework
Last synced: about 2 months ago
JSON representation
Testing framework for firestore and firebase storage security rules.
- Host: GitHub
- URL: https://github.com/dergoegge/firebase-security-testing
- Owner: dergoegge
- License: apache-2.0
- Created: 2019-03-14T21:14:13.000Z (almost 6 years ago)
- Default Branch: master
- Last Pushed: 2022-12-10T16:57:10.000Z (about 2 years ago)
- Last Synced: 2024-10-04T15:45:58.693Z (3 months ago)
- Topics: firebase, security-rules, security-testing, testing-framework
- Language: JavaScript
- Size: 197 KB
- Stars: 5
- Watchers: 1
- Forks: 0
- Open Issues: 8
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Firebase security rules testing
There is currently no official testing framework for firebase storage security rules.
There is how ever the [Firebase Rules API](https://developers.google.com/apis-explorer/?hl=en_US#search/firebaserules/firebaserules/v1/) which does provide unit testing functionality.
The simulator in the firebase console makes use of this api.This repository is an attempt at a client for this api and since the api works for both **Firestore** and **Firebase Storage** you will be able to test both types of security rules with this client.
I also opened a feature request with firebase, so maybe they will realease something like this pretty soon with official support.
## Install
```sh
npm i firebase-security-testing
```## Setup
In order for this package to work you will have to set the `FIREBASE_TOKEN` environment variable.
You can obtain the token with:
```sh
firebase login:ci
```## Examples
##
```javascript
const { RuleTestSuite, validateRuleSuite } = require('firebase-security-testing');// Initialise the rule test suite
var storageRules = new RuleTestSuite({
rulePath: 'storage.rules', // path to your rules file
project: '', // your project name
description: 'storage rules' // optional for logging of results
});// add a test case
storageRules.test(''/* description for logging */, {
path: '/b//o/path/to/resource',
method: 'get',
auth: {
uid: '...',
token: {
'...': '...'
}
}
}).shouldSucceed(); // this test case should succeed// ad another test case
storageRules.test(''/* description for logging */, {
path: '/b//o/path/to/resource',
method: 'create'
}).shouldFail(); // this test case should fail// validate the tests
validateRuleSuite(storageRules, { logging: true, exitOnFailure: true });```
*The `exitOnFailure` option defaults to true.*
## Test case options
The options for the test cases ("as far as i can tell") are the ones listed in the documentation for [firestore request](https://firebase.google.com/docs/reference/rules/rules.firestore.Request), [firestore resource](https://firebase.google.com/docs/reference/rules/rules.firestore.Resource), [storage request](https://firebase.google.com/docs/reference/security/storage/#request), [storage resource](https://firebase.google.com/docs/reference/security/storage/#resource)
## Contributing
Every contribution welcome just open a issue or pr...