@progressive-development/pd-provider-firebase-functions 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/auth.d.ts +2 -1
  2. package/dist/auth.d.ts.map +1 -1
  3. package/dist/auth.js +3 -4
  4. package/package.json +1 -1
package/dist/auth.d.ts CHANGED
@@ -5,7 +5,8 @@ import { AuthContext } from './types';
5
5
  */
6
6
  export declare function requireAuth(request: CallableRequest): AuthContext;
7
7
  /**
8
- * Require specific role claims
8
+ * Require specific role claims.
9
+ * Supports Firebase standard format: { admin: true, developer: true }
9
10
  */
10
11
  export declare function requireClaims(request: CallableRequest, allowedRoles: string[]): AuthContext;
11
12
  /**
package/dist/auth.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAE9D,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAGtC;;GAEG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,eAAe,GAAG,WAAW,CASjE;AAED;;GAEG;AACH,wBAAgB,aAAa,CAC3B,OAAO,EAAE,eAAe,EACxB,YAAY,EAAE,MAAM,EAAE,GACrB,WAAW,CASb;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,GAAG,IAAI,CAMjF"}
1
+ {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAE9D,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAGtC;;GAEG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,eAAe,GAAG,WAAW,CASjE;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAC3B,OAAO,EAAE,eAAe,EACxB,YAAY,EAAE,MAAM,EAAE,GACrB,WAAW,CAUb;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,GAAG,IAAI,CAMjF"}
package/dist/auth.js CHANGED
@@ -13,15 +13,14 @@ function requireAuth(request) {
13
13
  }
14
14
  function requireClaims(request, allowedRoles) {
15
15
  const auth = requireAuth(request);
16
- const userRoles = auth.claims.roles ?? [];
17
- if (!allowedRoles.some((role) => userRoles.includes(role))) {
18
- logger.warn("Access denied", { uid: auth.uid, required: allowedRoles });
16
+ const hasRole = allowedRoles.some((role) => auth.claims[role] === true);
17
+ if (!hasRole) {
19
18
  throw new ForbiddenError();
20
19
  }
21
20
  return auth;
22
21
  }
23
22
  function requireOwnership(auth, resourceOwnerId) {
24
- const isAdmin = (auth.claims.roles ?? []).includes("admin");
23
+ const isAdmin = auth.claims.admin === true;
25
24
  if (!isAdmin && auth.uid !== resourceOwnerId) {
26
25
  logger.warn("Ownership violation", { uid: auth.uid, resourceOwnerId });
27
26
  throw new ForbiddenError("Cannot access other user's resources");
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@progressive-development/pd-provider-firebase-functions",
3
- "version": "0.1.0",
3
+ "version": "0.2.0",
4
4
  "description": "Firebase Functions v2 utilities for pd-spa-helper backend",
5
5
  "author": "PD Progressive Development",
6
6
  "license": "SEE LICENSE IN LICENSE",