1 |
|
2 | "use strict";
|
3 |
|
4 |
|
5 |
|
6 |
|
7 |
|
8 |
|
9 |
|
10 |
|
11 |
|
12 |
|
13 |
|
14 |
|
15 |
|
16 |
|
17 |
|
18 | Object.defineProperty(exports, "__esModule", { value: true });
|
19 | exports.SecurityRulesApiClient = void 0;
|
20 | var api_request_1 = require("../utils/api-request");
|
21 | var error_1 = require("../utils/error");
|
22 | var security_rules_internal_1 = require("./security-rules-internal");
|
23 | var utils = require("../utils/index");
|
24 | var validator = require("../utils/validator");
|
25 | var RULES_V1_API = 'https://firebaserules.googleapis.com/v1';
|
26 | var FIREBASE_VERSION_HEADER = {
|
27 | 'X-Firebase-Client': "fire-admin-node/" + utils.getSdkVersion(),
|
28 | };
|
29 |
|
30 |
|
31 |
|
32 |
|
33 |
|
34 | var SecurityRulesApiClient = (function () {
|
35 | function SecurityRulesApiClient(app) {
|
36 | this.app = app;
|
37 | if (!validator.isNonNullObject(app) || !('options' in app)) {
|
38 | throw new security_rules_internal_1.FirebaseSecurityRulesError('invalid-argument', 'First argument passed to admin.securityRules() must be a valid Firebase app '
|
39 | + 'instance.');
|
40 | }
|
41 | this.httpClient = new api_request_1.AuthorizedHttpClient(app);
|
42 | }
|
43 | SecurityRulesApiClient.prototype.getRuleset = function (name) {
|
44 | var _this = this;
|
45 | return Promise.resolve()
|
46 | .then(function () {
|
47 | return _this.getRulesetName(name);
|
48 | })
|
49 | .then(function (rulesetName) {
|
50 | return _this.getResource(rulesetName);
|
51 | });
|
52 | };
|
53 | SecurityRulesApiClient.prototype.createRuleset = function (ruleset) {
|
54 | var _this = this;
|
55 | if (!validator.isNonNullObject(ruleset) ||
|
56 | !validator.isNonNullObject(ruleset.source) ||
|
57 | !validator.isNonEmptyArray(ruleset.source.files)) {
|
58 | var err = new security_rules_internal_1.FirebaseSecurityRulesError('invalid-argument', 'Invalid rules content.');
|
59 | return Promise.reject(err);
|
60 | }
|
61 | for (var _i = 0, _a = ruleset.source.files; _i < _a.length; _i++) {
|
62 | var rf = _a[_i];
|
63 | if (!validator.isNonNullObject(rf) ||
|
64 | !validator.isNonEmptyString(rf.name) ||
|
65 | !validator.isNonEmptyString(rf.content)) {
|
66 | var err = new security_rules_internal_1.FirebaseSecurityRulesError('invalid-argument', "Invalid rules file argument: " + JSON.stringify(rf));
|
67 | return Promise.reject(err);
|
68 | }
|
69 | }
|
70 | return this.getUrl()
|
71 | .then(function (url) {
|
72 | var request = {
|
73 | method: 'POST',
|
74 | url: url + "/rulesets",
|
75 | data: ruleset,
|
76 | };
|
77 | return _this.sendRequest(request);
|
78 | });
|
79 | };
|
80 | SecurityRulesApiClient.prototype.deleteRuleset = function (name) {
|
81 | var _this = this;
|
82 | return this.getUrl()
|
83 | .then(function (url) {
|
84 | var rulesetName = _this.getRulesetName(name);
|
85 | var request = {
|
86 | method: 'DELETE',
|
87 | url: url + "/" + rulesetName,
|
88 | };
|
89 | return _this.sendRequest(request);
|
90 | });
|
91 | };
|
92 | SecurityRulesApiClient.prototype.listRulesets = function (pageSize, pageToken) {
|
93 | var _this = this;
|
94 | if (pageSize === void 0) { pageSize = 100; }
|
95 | if (!validator.isNumber(pageSize)) {
|
96 | var err = new security_rules_internal_1.FirebaseSecurityRulesError('invalid-argument', 'Invalid page size.');
|
97 | return Promise.reject(err);
|
98 | }
|
99 | if (pageSize < 1 || pageSize > 100) {
|
100 | var err = new security_rules_internal_1.FirebaseSecurityRulesError('invalid-argument', 'Page size must be between 1 and 100.');
|
101 | return Promise.reject(err);
|
102 | }
|
103 | if (typeof pageToken !== 'undefined' && !validator.isNonEmptyString(pageToken)) {
|
104 | var err = new security_rules_internal_1.FirebaseSecurityRulesError('invalid-argument', 'Next page token must be a non-empty string.');
|
105 | return Promise.reject(err);
|
106 | }
|
107 | var data = {
|
108 | pageSize: pageSize,
|
109 | pageToken: pageToken,
|
110 | };
|
111 | if (!pageToken) {
|
112 | delete data.pageToken;
|
113 | }
|
114 | return this.getUrl()
|
115 | .then(function (url) {
|
116 | var request = {
|
117 | method: 'GET',
|
118 | url: url + "/rulesets",
|
119 | data: data,
|
120 | };
|
121 | return _this.sendRequest(request);
|
122 | });
|
123 | };
|
124 | SecurityRulesApiClient.prototype.getRelease = function (name) {
|
125 | return this.getResource("releases/" + name);
|
126 | };
|
127 | SecurityRulesApiClient.prototype.updateRelease = function (name, rulesetName) {
|
128 | var _this = this;
|
129 | return this.getUrl()
|
130 | .then(function (url) {
|
131 | return _this.getReleaseDescription(name, rulesetName)
|
132 | .then(function (release) {
|
133 | var request = {
|
134 | method: 'PATCH',
|
135 | url: url + "/releases/" + name,
|
136 | data: { release: release },
|
137 | };
|
138 | return _this.sendRequest(request);
|
139 | });
|
140 | });
|
141 | };
|
142 | SecurityRulesApiClient.prototype.getUrl = function () {
|
143 | return this.getProjectIdPrefix()
|
144 | .then(function (projectIdPrefix) {
|
145 | return RULES_V1_API + "/" + projectIdPrefix;
|
146 | });
|
147 | };
|
148 | SecurityRulesApiClient.prototype.getProjectIdPrefix = function () {
|
149 | var _this = this;
|
150 | if (this.projectIdPrefix) {
|
151 | return Promise.resolve(this.projectIdPrefix);
|
152 | }
|
153 | return utils.findProjectId(this.app)
|
154 | .then(function (projectId) {
|
155 | if (!validator.isNonEmptyString(projectId)) {
|
156 | throw new security_rules_internal_1.FirebaseSecurityRulesError('invalid-argument', 'Failed to determine project ID. Initialize the SDK with service account credentials, or '
|
157 | + 'set project ID as an app option. Alternatively, set the GOOGLE_CLOUD_PROJECT '
|
158 | + 'environment variable.');
|
159 | }
|
160 | _this.projectIdPrefix = "projects/" + projectId;
|
161 | return _this.projectIdPrefix;
|
162 | });
|
163 | };
|
164 | |
165 |
|
166 |
|
167 |
|
168 |
|
169 |
|
170 |
|
171 | SecurityRulesApiClient.prototype.getResource = function (name) {
|
172 | var _this = this;
|
173 | return this.getUrl()
|
174 | .then(function (url) {
|
175 | var request = {
|
176 | method: 'GET',
|
177 | url: url + "/" + name,
|
178 | };
|
179 | return _this.sendRequest(request);
|
180 | });
|
181 | };
|
182 | SecurityRulesApiClient.prototype.getReleaseDescription = function (name, rulesetName) {
|
183 | var _this = this;
|
184 | return this.getProjectIdPrefix()
|
185 | .then(function (projectIdPrefix) {
|
186 | return {
|
187 | name: projectIdPrefix + "/releases/" + name,
|
188 | rulesetName: projectIdPrefix + "/" + _this.getRulesetName(rulesetName),
|
189 | };
|
190 | });
|
191 | };
|
192 | SecurityRulesApiClient.prototype.getRulesetName = function (name) {
|
193 | if (!validator.isNonEmptyString(name)) {
|
194 | throw new security_rules_internal_1.FirebaseSecurityRulesError('invalid-argument', 'Ruleset name must be a non-empty string.');
|
195 | }
|
196 | if (name.indexOf('/') !== -1) {
|
197 | throw new security_rules_internal_1.FirebaseSecurityRulesError('invalid-argument', 'Ruleset name must not contain any "/" characters.');
|
198 | }
|
199 | return "rulesets/" + name;
|
200 | };
|
201 | SecurityRulesApiClient.prototype.sendRequest = function (request) {
|
202 | var _this = this;
|
203 | request.headers = FIREBASE_VERSION_HEADER;
|
204 | return this.httpClient.send(request)
|
205 | .then(function (resp) {
|
206 | return resp.data;
|
207 | })
|
208 | .catch(function (err) {
|
209 | throw _this.toFirebaseError(err);
|
210 | });
|
211 | };
|
212 | SecurityRulesApiClient.prototype.toFirebaseError = function (err) {
|
213 | if (err instanceof error_1.PrefixedFirebaseError) {
|
214 | return err;
|
215 | }
|
216 | var response = err.response;
|
217 | if (!response.isJson()) {
|
218 | return new security_rules_internal_1.FirebaseSecurityRulesError('unknown-error', "Unexpected response with status: " + response.status + " and body: " + response.text);
|
219 | }
|
220 | var error = response.data.error || {};
|
221 | var code = 'unknown-error';
|
222 | if (error.status && error.status in ERROR_CODE_MAPPING) {
|
223 | code = ERROR_CODE_MAPPING[error.status];
|
224 | }
|
225 | var message = error.message || "Unknown server error: " + response.text;
|
226 | return new security_rules_internal_1.FirebaseSecurityRulesError(code, message);
|
227 | };
|
228 | return SecurityRulesApiClient;
|
229 | }());
|
230 | exports.SecurityRulesApiClient = SecurityRulesApiClient;
|
231 | var ERROR_CODE_MAPPING = {
|
232 | INVALID_ARGUMENT: 'invalid-argument',
|
233 | NOT_FOUND: 'not-found',
|
234 | RESOURCE_EXHAUSTED: 'resource-exhausted',
|
235 | UNAUTHENTICATED: 'authentication-error',
|
236 | UNKNOWN: 'unknown-error',
|
237 | };
|