@edgedev/firebase 2.0.29 → 2.0.32

package/edgeFirebase.ts

@@ -48,17 +48,15 @@ import {
   OAuthProvider,
   browserPopupRedirectResolver,
   signInWithPopup,
-  signInWithPhoneNumber,
   sendSignInLinkToEmail,
-  updateEmail,
   verifyBeforeUpdateEmail,
-  RecaptchaVerifier,
-  ConfirmationResult,
-  PhoneAuthProvider,
   signInWithCustomToken,
   updateProfile,
 } from "firebase/auth";
 
+
+import { getStorage, ref as storageRef, uploadBytes, getDownloadURL} from "firebase/storage";
+
 import { getFunctions, httpsCallable, connectFunctionsEmulator } from "firebase/functions";
 
 import { getAnalytics, logEvent } from "firebase/analytics";
@@ -236,8 +234,10 @@ export const EdgeFirebase = class {
 
     if (this.firebaseConfig.measurementId) {
       this.anaytics = getAnalytics(this.app);
+    }  
+     if (this.firebaseConfig.storageBucket) {
+      this.storage = getStorage(this.app);
     }
-
     this.functions = getFunctions(this.app);
     if (this.firebaseConfig.emulatorFunctions) {
       connectFunctionsEmulator(this.functions, "127.0.0.1", this.firebaseConfig.emulatorFunctions)
@@ -250,7 +250,7 @@ export const EdgeFirebase = class {
   public app = null;
   public auth = null;
   public db = null;
-
+  public storage = null;
   private anaytics = null;
 
   private functions = null;
@@ -2119,4 +2119,70 @@ export const EdgeFirebase = class {
       this.unsubscribe[collectionPath] = null;
     }
   };
+
+
+  // File functions
+  public uploadFileToStorage = async (filePath: string, file: Blob): Promise<actionResponse> => {
+    try {
+      // Validate if file is provided
+      if (!file) {
+        return this.sendResponse({
+          success: false,
+          message: "No file provided for upload.",
+          meta: {}
+        });
+      }
+
+      // Check if the user has write permission to the filePath
+      const hasWritePermission = await this.permissionCheck("write", filePath);
+      if (!hasWritePermission) {
+        return this.sendResponse({
+          success: false,
+          message: "You do not have permission to upload files to this path.",
+          meta: {}
+        });
+      }
+
+      // Initialize Firebase Storage
+
+      // Define a temporary path for the file upload
+      // You might want to include some unique identifier in the temporary path
+      const tempFilePath = `temp/${this.user.uid}/${filePath.replaceAll('/', '-|-')}`;
+
+      // Create a reference to the temporary file location
+      const fileRef = storageRef(this.storage, tempFilePath);
+
+      // Upload the file to the temporary location
+      await uploadBytes(fileRef, file);
+
+      // Prepare data for the callable function
+      const data = {
+        uid: this.user.uid,
+        filePath: filePath, // The final desired path for the file
+      };
+
+      // Call the Firebase Function to handle the file move and any additional processing
+      const callable = httpsCallable(this.functions, 'edgeFirebase-uploadFile');
+      const functionResult = await callable(data);
+
+      const resultData = functionResult.data as { success: boolean; message: string; finalDownloadURL?: string };
+
+      if (!resultData.success) {
+        throw new Error(resultData.message);
+      }
+      // Return success response
+      return this.sendResponse({
+        success: true,
+        message: "File processed successfully.",
+        meta: {}
+      });
+    } catch (error) {
+      console.error(error);
+      return this.sendResponse({
+        success: false,
+        message: "An error occurred during file processing.",
+        meta: {}
+      });
+    }
+  };
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@edgedev/firebase",
-  "version": "2.0.29",
+  "version": "2.0.32",
   "description": "Vue 3 / Nuxt 3 Plugin or Nuxt 3 plugin for firebase authentication and firestore.",
   "main": "index.ts",
   "scripts": {

package/src/.env.dev

@@ -4,4 +4,5 @@ STRIPE_RETURN_URL=
 OPENAI_API_KEY=
 TWILIO_SID=
 TWILIO_AUTH_TOKEN=
-TWILIO_SYSTEM_NUMBER=
+TWILIO_SYSTEM_NUMBER=
+STORAGE_BUCKET=

package/src/.env.prod

@@ -4,4 +4,5 @@ STRIPE_RETURN_URL=
 OPENAI_API_KEY=
 TWILIO_SID=
 TWILIO_AUTH_TOKEN=
-TWILIO_SYSTEM_NUMBER=
+TWILIO_SYSTEM_NUMBER=
+STORAGE_BUCKET=

package/src/config.js

@@ -1,3 +1,5 @@
+/* eslint-disable @typescript-eslint/no-var-requires */
+/* eslint-disable no-undef */
 const functions = require('firebase-functions')
 const { PubSub } = require('@google-cloud/pubsub')
 const admin = require('firebase-admin')
@@ -10,6 +12,7 @@ const { onMessagePublished } = require('firebase-functions/v2/pubsub')
 
 const { onCall, HttpsError, onRequest } = require('firebase-functions/v2/https')
 const { onSchedule } = require('firebase-functions/v2/scheduler')
+const { Storage } = require('@google-cloud/storage')
 const {
   onDocumentWritten,
   onDocumentCreated,
@@ -42,5 +45,6 @@ module.exports = {
   admin,
   twilio,
   db,
+  Storage,
 }
 

package/src/edgeFirebase.js

@@ -1,9 +1,12 @@
+/* eslint-disable @typescript-eslint/no-var-requires */
+/* eslint-disable no-undef */
 const { onCall, HttpsError, logger, getFirestore, functions, admin, twilio, db, onSchedule, onDocumentUpdated, pubsub } = require('./config.js')
 
 const authToken = process.env.TWILIO_AUTH_TOKEN
 const accountSid = process.env.TWILIO_SID
 const systemNumber = process.env.TWILIO_SYSTEM_NUMBER
 
+
 function formatPhoneNumber(phone) {
   // Remove non-numeric characters from the phone number
   const numericPhone = phone.replace(/\D/g, '')
@@ -11,6 +14,120 @@ function formatPhoneNumber(phone) {
   return `+1${numericPhone}`
 }
 
+
+
+// File functions:
+
+//TODO: NEED TO WRITE WRAPPERS FOR THESE IN THE edgeFirebase.js file... UPLOAD has to do alot more... upload needs to acutall upload the file to firestorage... get the path, then pass it to the uploadFile function...
+//TODO: the uploadFile funntion needs to delete the file if they don't have permission to write to the path... 
+
+const bucketName = process.env.BUCKET_NAME
+const storage = new Storage();
+const bucket = storage.bucket(bucketName)
+
+exports.uploadFile = onCall(async (request) => {
+  const auth = request.auth
+  if (data.uid !== auth.uid) {
+    throw new functions.https.HttpsError('permission-denied', 'You do not have permission to upload files for this user.');
+  }
+  const tempFilesPath = `temp/${auth.uid}/`;
+  const [files] = await bucket.getFiles({ prefix: tempFilesPath });
+  for (const file of files) {
+    const originalFilePath = file.name.replace(/-\|-/g, '/');
+    const hasWritePermission = await permissionCheck(auth.uid, "write", originalFilePath);
+    if (hasWritePermission) {
+      // Move file to the new path
+      await bucket.file(file.name).move(originalFilePath);
+    } else {
+      // Delete the file if no write permission
+      await bucket.file(file.name).delete();
+    }
+  }
+});
+
+exports.downloadFile = onCall(async (request) => {
+  const data = request.data;
+  const auth = request.auth
+  if (data.uid !== auth.uid) {
+    throw new functions.https.HttpsError('permission-denied', 'You do not have permission to upload files for this user.');
+  }
+  // Permission check for downloading the specified file
+  const canRead = await permissionCheck(auth.uid, "read", data.filePath);
+  if (!canRead) {
+    throw new HttpsError('permission-denied', 'You do not have permission to download this file.');
+  }
+
+  const options = {
+    version: 'v4',
+    action: 'read',
+    expires: Date.now() + 5 * 60 * 1000, // 5 minutes
+  };
+
+  try {
+    const [url] = await bucket.file(data.filePath).getSignedUrl(options);
+    return { success: true, url };
+  } catch (error) {
+    logger.error(error);
+    throw new HttpsError('internal', 'Unable to generate download URL.');
+  }
+});
+
+exports.listFiles = onCall(async (request) => {
+  // Validate user authentication
+  const data = request.data
+  const auth = request.auth
+  if (data.uid !== auth.uid) {
+    throw new functions.https.HttpsError('permission-denied', 'You do not have permission to upload files for this user.');
+  }
+
+  // Permission check for reading the specified directory
+  const canRead = await permissionCheck(auth.uid, "read", data.directoryPath);
+  if (!canRead) {
+    throw new HttpsError('permission-denied', 'You do not have permission to list files in this directory.');
+  }
+
+  try {
+    const [files] = await bucket.getFiles({ prefix: data.directoryPath });
+    const fileList = files.map(file => file.name);
+    return { success: true, fileList };
+  } catch (error) {
+    logger.error(error);
+    throw new HttpsError('internal', 'Unable to list files.');
+  }
+});
+
+
+exports.deleteFile = onCall(async (request) => {
+  // Validate user authentication
+  const data = request.data
+  const auth = request.auth
+  if (data.uid !== auth.uid) {
+    throw new functions.https.HttpsError('permission-denied', 'You do not have permission to upload files for this user.');
+  }
+
+  // Extract filePath from the request data
+  const filePath = data.filePath;
+
+  // Perform permission check for deleting the specified file
+  const canDelete = await permissionCheck(auth.uid, "delete", filePath);
+  if (!canDelete) {
+    throw new functions.https.HttpsError('permission-denied', 'You do not have permission to delete this file.');
+  }
+
+  try {
+    // Specify your bucket name
+    await storage.bucket(bucketName).file(filePath).delete();
+
+    return { success: true, message: "File successfully deleted." };
+  } catch (error) {
+    console.error("Error deleting file:", error);
+    throw new functions.https.HttpsError('internal', 'Failed to delete file.');
+  }
+});
+
+//end file functions
+
+
 exports.topicQueue = onSchedule({ schedule: 'every 1 minutes', timeoutSeconds: 180 }, async (event) => {
   const queuedTopicsRef = db.collection('topic-queue')
   const snapshot = await queuedTopicsRef.get()

package/src/postinstall.sh

@@ -22,6 +22,25 @@ awk '/\/\/ #EDGE FIREBASE RULES START/,/\/\/ #EDGE FIREBASE RULES END/' ./src/fi
   sed -e '1s/^/\/\/ #EDGE FIREBASE RULES START\n/' -e '$s/$/\n\/\/ #EDGE FIREBASE RULES END/' \
   >> "$project_root/firestore.rules";
 
+
+# Check if the destination file exists
+if [ ! -f "$project_root/storage.rules" ]; then
+  # If the file does not exist, create it and add the rules_version line
+  echo "rules_version = '2';" > "$project_root/storage.rules";
+fi
+
+# Ensure there's a newline at the end of the file
+[ "$(tail -c1 $project_root/storage.rules)" != "" ] && echo "" >> "$project_root/storage.rules"
+
+# Remove the existing block of rules between the markers
+sed -i.backup '/\/\/ #EDGE FIREBASE RULES START/,/\/\/ #EDGE FIREBASE RULES END/d' "$project_root/storage.rules"
+
+# Extract the code block from the source file and append it to the destination file
+awk '/\/\/ #EDGE FIREBASE RULES START/,/\/\/ #EDGE FIREBASE RULES END/' ./src/storage.rules | \
+  sed '1d;$d' | \
+  sed -e '1s/^/\/\/ #EDGE FIREBASE RULES START\n/' -e '$s/$/\n\/\/ #EDGE FIREBASE RULES END/' \
+  >> "$project_root/storage.rules";
+
 if [ ! -d "$project_root/functions" ]; then
   mkdir "$project_root/functions"
 fi

package/src/storage.rules

@@ -0,0 +1,19 @@
+rules_version = '2';
+// #EDGE FIREBASE RULES START
+service firebase.storage {
+  match /b/{bucket}/o {
+    // Deny read access to all paths
+    match /{allPaths=**} {
+      allow read: if false;
+    }
+    // Allow write access only to paths matching /temp/{userId}/{anyPath=**}
+    // {userId} is a placeholder for the actual user ID
+    // {anyPath=**} matches any file path under /temp/{userId}/
+    match /temp/{userId}/{anyPath=**} {
+      allow write: if request.auth != null && request.auth.uid == userId;
+      // Keep read access denied
+      allow read: if false;
+    }
+  }
+}
+// #EDGE FIREBASE RULES END