FirebaseExtended/protobuf-rules-gen FirebaseExtended/protobuf-rules-gen

  • Stars
    star
    198
  • Rank 196,898 (Top 4 %)
  • Language
    C++
  • License
    Apache License 2.0
  • Created almost 7 years ago
  • Updated about 3 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
FirebaseExtended/protobuf-rules-gen
github

FirebaseExtended

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

This is an experimental protoc plugin that generates Firebase Rules for Cloud Firestore based on Google's Protocol Buffer format. This allows you to easily validate your data in a platform independent manner.

Firebase Rules Protobuf Validation

Build Status

Quick Note

This is an experimental plugin for Security Rules, which means you should always validate these by hand before you decide to deploy these to a production environment.

Status

Status: Experimental

This repository is maintained by Googlers but is not a supported Firebase product. Issues here are answered by maintainers and other community members on GitHub on a best-effort basis.

Introduction

This is an experimental protoc plugin that generates Firebase Rules for Cloud Firestore based on Google's Protocol Buffer format.

This allows you to easily validate your data in a platform independent manner.

Here is a quick example:

syntax = "proto2";
package tutorial;

message Person {
  required string name = 1;
  optional string email = 2;

  enum PhoneType {
    MOBILE = 0;
    HOME = 1;
    WORK = 2;
  }
  message PhoneNumber {
    optional string number = 1;
    optional PhoneType type = 2;
  }

  optional PhoneNumber phone = 3;
}

This plugin generates the following Firebase Rules function that can be used to validate your incoming data.

// @@START_GENERATED_FUNCTIONS@@
function isPersonMessage(resource) {
  return resource.keys().hasAll(['name']) &&
          (resource.keys().hasOnly(['name','phone','email'])) &&
          ((resource.name is string)) &&
          ((!resource.keys().hasAny(['email'])) || (resource.email is string)) &&
          ((!resource.keys().hasAny(['phone'])) || (isPerson_PhoneNumberMessage(resource.phone)));
}
function isPerson_PhoneNumberMessage(resource) {
  return resource.keys().hasAll([]) &&
          (resource.keys().hasOnly(['type','number'])) &&
          ((!resource.keys().hasAny(['number'])) || (resource.number is string)) &&
          ((!resource.keys().hasAny(['type'])) || (isPerson_PhoneTypeEnum(resource.type)));
}
function isPerson_PhoneTypeEnum(resource) {
  return resource == 0 ||
          resource == 1 ||
          resource == 2;
}
// @@END_GENERATED_FUNCTIONS@@

// Start your rules (these don't get generated!)
service cloud.firestore {
  match /databases/{database}/documents {
    match /users/{userId} {
      allow read: if request.auth.uid == userId;
      allow write: if isPersonMessage(request.resource.data) &&
                      request.auth.uid == userId;
    }
  }
}

Usage

To use this protoc plugin once you have your protocol buffers defined, follow these steps:

  1. Make sure to install the latest version of protoc
  2. Download the latest release from GitHub
  3. Either put the plugin binary on your $PATH or use the --plugin=protoc-gen-firebase_rules=./path/to/protoc-gen-firebase_rules option
  4. Invoke the protoc tool using the --firebase_rules_out=./directory flag to output your firestore.rules file with generated functions
  5. If you're importing "firebase_rules_options.proto" like the below example the --proto_path=./directory flag will need to be added to include the directory of the firebase_rules_options.proto file along with the protobuf files from the src directory of the Google Protobuf repo. An more indepth discussion of this can be found in this issue.

If you run into trouble feel free to check out our example_usage.sh script or file an issue

Advanced Usage

syntax = "proto3";
package tutorial;

import "firebase_rules_options.proto";

option (google.firebase.rules.firebase_rules).full_package_names = true;

message Person {
  string name = 1;
  string email = 2 [(google.firebase.rules.firebase_rules_field).validate =
                        "resource.email.matches('.*@domain\\.com')"];

  enum PhoneType {
    option (google.firebase.rules.firebase_rules_enum).string_values = true;
    MOBILE = 0;
    HOME = 1;
    WORK = 2;
  }

  message PhoneNumber {
    string number = 1;
    PhoneType type = 2;
    option (google.firebase.rules.firebase_rules_message).extra_properties =
        true;
  }

  PhoneNumber phone = 3;

  // Currently, we can only check this is a list :(
  repeated string starred_websites = 4;

  // This message must have either a phone or an email.
  option (google.firebase.rules.firebase_rules_message).validate =
      "resource.keys().hasAny(['email', 'phone'])";
}

This would generate the following functions.

// @@START_GENERATED_FUNCTIONS@@
function istutorial_PersonMessage(resource) {
  return resource.keys().hasAll([]) &&
          (resource.keys().hasOnly(['starredWebsites','phone','email','name'])) &&
          ((!resource.keys().hasAny(['name'])) || (resource.name is string)) &&
          ((!resource.keys().hasAny(['email'])) || (resource.email is string && (resource.email.matches('.*@domain\.com')))) &&
          ((!resource.keys().hasAny(['phone'])) || (istutorial_Person_PhoneNumberMessage(resource.phone))) &&
          ((!resource.keys().hasAny(['starredWebsites'])) || (resource.starredWebsites is list)) &&
          (resource.keys().hasAny(['email', 'phone']));
}
function istutorial_Person_PhoneNumberMessage(resource) {
  return resource.keys().hasAll([]) &&
          ((!resource.keys().hasAny(['number'])) || (resource.number is string)) &&
          ((!resource.keys().hasAny(['type'])) || (istutorial_Person_PhoneTypeEnum(resource.type)));
}
function istutorial_Person_PhoneTypeEnum(resource) {
  return resource == 'MOBILE' ||
          resource == 'HOME' ||
          resource == 'WORK';
}
// @@END_GENERATED_FUNCTIONS@@

// Start your rules...

Standalone usage

  1. Install Bazel.

  2. Build with bazel build //...

  3. A sample invocation of the plugin, protoc-gen-firebase_rules, is available in example_usage.sh. This script can be run from the command line.

Using with bazel

It's easy to use protobuf_rules_gen if your project already uses Bazel.

  1. Add protobuf_rules_gen to your WORKSPACE:
proto_gen_firebase_rules_commit = "TODO"
http_archive(
    name = "proto_gen_firebase_rules",
    sha256 = "TODO",
    strip_prefix = "protobuf-rules-gen-" + proto_gen_firebase_rules_commit,
    url = "http://github.com/FirebaseExtended/protobuf-rules-gen/archive/" + proto_gen_firebase_rules_commit + ".tar.gz",
)

load("@proto_gen_firebase_rules//bazel:repositories.bzl", "protobuf_rules_gen_repositories")
protobuf_rules_gen_repositories()
  1. Update your BUILD file:
load("@proto_gen_firebase_rules//bazel:defs.bzl", "firestore_rules_proto_library", "firestore_rules_binary")

There are three rules available:

  • firestore_rules_proto_library generates a .rules file from the protobuf schema
  • firestore_rules_binary combines multiple .rules files (e.g. the auto generated rules with your ACLs that use them)
  • firestore_rules_library wraps up one or more .rules files so that a firestore_rules_binary can depend on it.

See example/BUILD for an example of how to use these rules.

Releasing

  1. Build the proto-gen-firebase_rules binary via bazel build //...

  2. Ensure all the tests pass via bazel test //...

  3. Build a binary for each platform (windows, linux, and darwin).

  4. Tag a GitHub release and attach each prebuilt binary to the release.

Authors

protobuf-rules-gen was initiated with ❀️️ by Tyler Rockwood.

Disclaimer

This is not an official Google product (experimental or otherwise), it is just code that happens to be owned by Google.

More Repositories

1

firepad

Collaborative Text Editor Powered by Firebase
JavaScript
3,868
star
2

reactfire

Hooks, Context Providers, and Components that make it easy to interact with Firebase.
TypeScript
3,540
star
3

angularfire

AngularJS bindings for Firebase
JavaScript
2,728
star
4

firechat

Real-time Chat powered by Firebase
JavaScript
2,414
star
5

firebase-arduino

Arduino samples for Firebase.
C++
945
star
6

bolt

Bolt Compiler (Firebase Security and Modeling)
TypeScript
897
star
7

firebase-queue

JavaScript
787
star
8

action-hosting-deploy

Automatically deploy shareable previews for your Firebase Hosting sites
TypeScript
699
star
9

emberfire

The officially supported adapter for using Firebase with Ember
TypeScript
684
star
10

mlkit-material-android

ML Kit Showcase App with Material Design
Java
490
star
11

polymerfire

Polymer Web Components for Firebase
HTML
459
star
12

flutterfire_desktop

An early-stage, experimental pure-Dart implementation of Firebase SDKs.
Dart
406
star
13

mlkit-custom-image-classifier

Easily collect data and train image classification models.
Dart
403
star
14

firebase-import

Node module for importing large data into Firebase.
JavaScript
370
star
15

custom-auth-samples

Samples showcasing how to sign in Firebase using additional Identity Providers
Java
323
star
16

firebase-framework-tools

Experimental addon to the Firebase CLI to add web framework support
JavaScript
285
star
17

firechat-ios

An example chat application built using the Firebase iOS SDK
Objective-C
246
star
18

experimental-extensions

πŸ§ͺ A laboratory for new extensions created by Firebase
TypeScript
244
star
19

make-it-so-android

Kotlin
218
star
20

karas-coffee

TypeScript
162
star
21

rxfire

TypeScript
140
star
22

unity-solutions

Use Firebase tools to incorporate common features into your games!
C#
128
star
23

firebase-video-samples

This repository contains sample code for some of the videos on the Firebase YouTube channel.
Swift
118
star
24

user-data-protection

Generalizable examples of protecting user data in Firebase Applications
JavaScript
97
star
25

expense-tracker

JavaScript
84
star
26

mlkit-material-ios

These apps demonstrate how to build an end-to-end user experience with Google ML Kit APIs and following the new Material for ML design guidelines.
Objective-C
80
star
27

firebase-auth-service-worker-sessions

JavaScript
79
star
28

TubeSock

A WebSocket client library implemented in Java
Java
79
star
29

codelab-friendlyeats-flutter

FlutterFire Firestore codelab. Develop a cross platform restaurant recommendation app with Flutter.
Dart
78
star
30

fastlane-plugin-firebase_test_lab

Test your app with Firebase Test Lab with ease using fastlane
Ruby
74
star
31

auth-without-play-services

Demonstrates how to implement Firebase Auth on devices without Google Play services
Kotlin
70
star
32

user-privacy

Sample of general purpose functions for user data deletion and export
JavaScript
68
star
33

remote-styles

Conditionally load CSS from Firebase Remote Config
TypeScript
64
star
34

analytics-webview

Java
63
star
35

firebase-streaming-import

public node.js script for streaming large JSON files into a Firebase
Python
61
star
36

cocos2dx-cpp-sample

Firebase Cocos2d-x samples
C++
53
star
37

firestore-codelab-extended-swift

Swift
48
star
38

codelab-kanban-fire

TypeScript
43
star
39

firebase-continue

Firebase Continue enables mobile developers to integrate activity transitioning from their mobile apps to the web
JavaScript
36
star
40

firestoreodm-flutter

Dart
35
star
41

MLKit-ARKit

Swift
34
star
42

parse-migration-tools

JavaScript
26
star
43

firepad-demo

http://demo.firepad.io/ sources
CSS
16
star
44

palm-chatbot-angular

TypeScript
15
star
45

compass-travel-planning-sample

TypeScript
15
star
46

firestore-nlp-extension

TypeScript
15
star
47

codelab-ai-genkit-rag

TypeScript
12
star
48

codelab-measure-android-view-performance

Java
11
star
49

MLKit-ARCore

Swift
11
star
50

firebase-auth-migration-helpers

Objective-C
11
star
51

codelab-contentrecommendation-android

Kotlin
11
star
52

firebase-js-sdk-performance-dashboard

Firebase JS SDK Performance Dashboard
TypeScript
9
star
53

firebase_fcm_flutter

Java
8
star
54

compass-ai-travel-planning-sample-flutter

This is a travel demo built in Flutter using Firebase Data Connect and Firebase Genkit to find ideal itineraries from a database of travel plans.
Dart
8
star
55

cmake-way-for-firebase

C++
6
star
56

codelab-fcm-and-fiam

Kotlin
5
star
57

codelab-textclassification-android

Jupyter Notebook
5
star
58

fcm-external-prober

Go
4
star
59

codelab-rules

JavaScript
4
star
60

angularfire-expert-led-class

TypeScript
4
star
61

crashlytics-migration-ios

Swift
4
star
62

crashlytics-migration-android

Java
4
star
63

firebase-console-performance-dashboard

TypeScript
4
star
64

codelab-digitclassifier-android

Kotlin
3
star
65

codelab-appdistribution-android

Kotlin
3
star
66

codelab-gemini-api-extensions

TypeScript
3
star
67

ai-extensions-codelab

JavaScript
3
star
68

poem-from-image

TypeScript
3
star
69

codelab-actions-firestore

JavaScript
3
star
70

vertexai-sdk-test-data

Python
3
star
71

firebase-apple-sdk-triage

This repo contains a collection of "skeleton" apps for quickly reproducing issues from the firebase-ios-sdk.
Swift
2
star
72

github-actions

Python
2
star
73

firebase-functions-go

Go
2
star
74

changelog

TypeScript
2
star
75

codelab-contentrecommendation-ios

Swift
2
star
76

codelab-textclassification-ios

Swift
1
star
77

codelab-digitclassifier-ios

Swift
1
star
78

codelab-feature-rollout-performance

This is the source code that accompanies the Firebase Performance Monitoring Codelab: https://firebase.google.com/codelabs/feature-rollout-performance
Java
1
star