@edgedev/firebase 1.8.11 → 1.8.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/edgeFirebase.ts +8 -5
- package/package.json +1 -1
- package/src/firestore.rules +17 -10
- package/src/functions.js +35 -0
package/edgeFirebase.ts
CHANGED
|
@@ -632,7 +632,7 @@ export const EdgeFirebase = class {
|
|
|
632
632
|
|
|
633
633
|
public removeUser = async (docId: string): Promise<actionResponse> => {
|
|
634
634
|
const removedFrom = [];
|
|
635
|
-
const userRef = doc(this.db, "users", docId);
|
|
635
|
+
const userRef = doc(this.db, "staged-users", docId);
|
|
636
636
|
const userSnap = await getDoc(userRef);
|
|
637
637
|
if (userSnap.data().roles) {
|
|
638
638
|
for (const collectionPath in userSnap.data().roles) {
|
|
@@ -653,7 +653,7 @@ export const EdgeFirebase = class {
|
|
|
653
653
|
collectionPath.replaceAll("-", "/")
|
|
654
654
|
);
|
|
655
655
|
if (canAssign) {
|
|
656
|
-
|
|
656
|
+
await this.removeUserSpecialPermissions(
|
|
657
657
|
docId,
|
|
658
658
|
collectionPath.replaceAll("-", "/")
|
|
659
659
|
);
|
|
@@ -662,10 +662,11 @@ export const EdgeFirebase = class {
|
|
|
662
662
|
}
|
|
663
663
|
}
|
|
664
664
|
if (removedFrom.length > 0) {
|
|
665
|
+
const response = await this.runFunction("removeNonRegisteredUser", {uid: this.user.uid, docId});
|
|
665
666
|
return this.sendResponse({
|
|
666
667
|
success: true,
|
|
667
668
|
message: "",
|
|
668
|
-
meta: {}
|
|
669
|
+
meta: {response}
|
|
669
670
|
});
|
|
670
671
|
} else {
|
|
671
672
|
return this.sendResponse({
|
|
@@ -892,8 +893,8 @@ export const EdgeFirebase = class {
|
|
|
892
893
|
};
|
|
893
894
|
|
|
894
895
|
private generateUserMeta = async (userMeta: newUser): Promise<actionResponse> => {
|
|
895
|
-
const roles: role[] = userMeta.roles;
|
|
896
|
-
const specialPermissions: specialPermission[] = userMeta.specialPermissions;
|
|
896
|
+
const roles: role[] = userMeta.roles || [];
|
|
897
|
+
const specialPermissions: specialPermission[] = userMeta.specialPermissions || [];
|
|
897
898
|
delete userMeta.roles;
|
|
898
899
|
delete userMeta.specialPermissions;
|
|
899
900
|
|
|
@@ -1411,6 +1412,7 @@ export const EdgeFirebase = class {
|
|
|
1411
1412
|
}
|
|
1412
1413
|
if (canAssign) {
|
|
1413
1414
|
await updateDoc(doc(this.db, "staged-users/" + docId), {
|
|
1415
|
+
uid: this.user.uid,
|
|
1414
1416
|
collectionPaths: arrayRemove(collectionPath.replaceAll("/", "-")),
|
|
1415
1417
|
["roles." + collectionPath.replaceAll("/", "-")]: deleteField()
|
|
1416
1418
|
});
|
|
@@ -1440,6 +1442,7 @@ export const EdgeFirebase = class {
|
|
|
1440
1442
|
}
|
|
1441
1443
|
if (canAssign) {
|
|
1442
1444
|
await updateDoc(doc(this.db, "staged-users/" + docId), {
|
|
1445
|
+
uid: this.user.uid,
|
|
1443
1446
|
collectionPaths: arrayRemove(collectionPath.replaceAll("/", "-")),
|
|
1444
1447
|
["specialPermissions." + collectionPath.replaceAll("/", "-")]:
|
|
1445
1448
|
deleteField()
|
package/package.json
CHANGED
package/src/firestore.rules
CHANGED
|
@@ -68,20 +68,27 @@ service cloud.firestore {
|
|
|
68
68
|
let ruleHelper = get(/databases/$(database)/documents/rule-helpers/$(request.auth.uid)).data;
|
|
69
69
|
|
|
70
70
|
return (
|
|
71
|
-
|
|
72
|
-
request.resource.data.userId == resource.data.userId ||
|
|
71
|
+
request.auth.uid == request.resource.data.uid &&
|
|
73
72
|
(
|
|
74
|
-
resource.data.userId == "" &&
|
|
75
73
|
(
|
|
76
|
-
|
|
77
|
-
|
|
74
|
+
(
|
|
75
|
+
request.resource.data.userId == resource.data.userId ||
|
|
76
|
+
resource.data.userId == ""
|
|
77
|
+
) &&
|
|
78
|
+
(
|
|
79
|
+
request.resource.data.userId == request.auth.uid ||
|
|
80
|
+
request.resource.data.templateUserId == request.auth.uid
|
|
81
|
+
)
|
|
82
|
+
) ||
|
|
83
|
+
(
|
|
84
|
+
request.resource.data.userId == resource.data.userId &&
|
|
85
|
+
"edge-assignment-helper" in ruleHelper &&
|
|
86
|
+
permissionUpdatesCheck(user, ruleHelper, "roles") &&
|
|
87
|
+
permissionUpdatesCheck(user, ruleHelper, "specialPermssions")
|
|
78
88
|
)
|
|
79
89
|
)
|
|
80
|
-
)
|
|
81
|
-
|
|
82
|
-
permissionUpdatesCheck(user, ruleHelper, "roles") &&
|
|
83
|
-
permissionUpdatesCheck(user, ruleHelper, "specialPermssions") &&
|
|
84
|
-
request.auth.uid == request.resource.data.uid;
|
|
90
|
+
);
|
|
91
|
+
|
|
85
92
|
}
|
|
86
93
|
|
|
87
94
|
|
package/src/functions.js
CHANGED
|
@@ -1,4 +1,39 @@
|
|
|
1
1
|
// START @edge/firebase functions
|
|
2
|
+
exports.removeNonRegisteredUser = functions.https.onCall(async (data, context) => {
|
|
3
|
+
if (data.uid === context.auth.uid) {
|
|
4
|
+
const stagedUser = await db.collection('staged-users').doc(data.docId).get()
|
|
5
|
+
if (stagedUser.exists) {
|
|
6
|
+
const stagedUserData = stagedUser.data()
|
|
7
|
+
|
|
8
|
+
const rolesExist = stagedUserData.roles && Object.keys(stagedUserData.roles).length !== 0
|
|
9
|
+
const specialPermissionsExist = stagedUserData.specialPermissions && Object.keys(stagedUserData.specialPermissions).length !== 0
|
|
10
|
+
const userIdExistsAndNotBlank = stagedUserData.userId && stagedUserData.userId !== ''
|
|
11
|
+
|
|
12
|
+
if (!rolesExist && !specialPermissionsExist && !userIdExistsAndNotBlank) {
|
|
13
|
+
await db.collection('staged-users').doc(data.docId).delete()
|
|
14
|
+
return { success: true, message: '' }
|
|
15
|
+
}
|
|
16
|
+
else {
|
|
17
|
+
let message = ''
|
|
18
|
+
if (rolesExist && specialPermissionsExist) {
|
|
19
|
+
message = 'Cannot delete because the non-registered user still has roles and special permissions assigned.'
|
|
20
|
+
}
|
|
21
|
+
else if (rolesExist) {
|
|
22
|
+
message = 'Cannot delete because the non-registered user still has roles assigned.'
|
|
23
|
+
}
|
|
24
|
+
else if (specialPermissionsExist) {
|
|
25
|
+
message = 'Cannot delete because the non-registered user still has special permissions assigned.'
|
|
26
|
+
}
|
|
27
|
+
else if (userIdExistsAndNotBlank) {
|
|
28
|
+
message = 'Cannot delete because the user is registered.'
|
|
29
|
+
}
|
|
30
|
+
return { success: false, message }
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
return { success: false, message: 'Non-registered user not found.' }
|
|
35
|
+
})
|
|
36
|
+
|
|
2
37
|
exports.updateUser = functions.firestore.document('staged-users/{docId}').onUpdate((change, context) => {
|
|
3
38
|
const eventId = context.eventId
|
|
4
39
|
const eventRef = db.collection('events').doc(eventId)
|