@zssz-soft/firebase-functions-shared 1.2.2 → 1.2.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/modules/security/effective-permissions.d.ts.map +1 -1
- package/lib/modules/security/effective-permissions.js +14 -37
- package/lib/modules/security/effective-permissions.js.map +1 -1
- package/lib/modules/security/effective-permissions.triggers.d.ts.map +1 -1
- package/lib/modules/security/effective-permissions.triggers.js +20 -43
- package/lib/modules/security/effective-permissions.triggers.js.map +1 -1
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"effective-permissions.d.ts","sourceRoot":"","sources":["../../../src/modules/security/effective-permissions.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,EACL,0BAA0B,EAG3B,MAAM,gCAAgC,CAAC;
|
|
1
|
+
{"version":3,"file":"effective-permissions.d.ts","sourceRoot":"","sources":["../../../src/modules/security/effective-permissions.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,EACL,0BAA0B,EAG3B,MAAM,gCAAgC,CAAC;AAYxC;;;;;GAKG;AACH,wBAAsB,6BAA6B,CACjD,MAAM,EAAE,MAAM,EACd,MAAM,GAAE,OAAO,CAAC,0BAA0B,CAAM,GAC/C,OAAO,CAAC,IAAI,CAAC,CAyDf;AAED;;;;;GAKG;AACH,wBAAsB,0BAA0B,CAC9C,MAAM,EAAE,MAAM,EACd,MAAM,GAAE,OAAO,CAAC,0BAA0B,CAAM,GAC/C,OAAO,CAAC,IAAI,CAAC,CAYf;AAED;;;;;GAKG;AACH,wBAAsB,+BAA+B,CACnD,OAAO,EAAE,MAAM,EAAE,EACjB,MAAM,GAAE,OAAO,CAAC,0BAA0B,CAAM,GAC/C,OAAO,CAAC,IAAI,CAAC,CAiBf"}
|
|
@@ -4,46 +4,23 @@
|
|
|
4
4
|
*
|
|
5
5
|
* Provides functions to calculate and cache effective permissions for users.
|
|
6
6
|
*/
|
|
7
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
8
|
-
if (k2 === undefined) k2 = k;
|
|
9
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
10
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
11
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
12
|
-
}
|
|
13
|
-
Object.defineProperty(o, k2, desc);
|
|
14
|
-
}) : (function(o, m, k, k2) {
|
|
15
|
-
if (k2 === undefined) k2 = k;
|
|
16
|
-
o[k2] = m[k];
|
|
17
|
-
}));
|
|
18
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
19
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
20
|
-
}) : function(o, v) {
|
|
21
|
-
o["default"] = v;
|
|
22
|
-
});
|
|
23
|
-
var __importStar = (this && this.__importStar) || (function () {
|
|
24
|
-
var ownKeys = function(o) {
|
|
25
|
-
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
26
|
-
var ar = [];
|
|
27
|
-
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
28
|
-
return ar;
|
|
29
|
-
};
|
|
30
|
-
return ownKeys(o);
|
|
31
|
-
};
|
|
32
|
-
return function (mod) {
|
|
33
|
-
if (mod && mod.__esModule) return mod;
|
|
34
|
-
var result = {};
|
|
35
|
-
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
36
|
-
__setModuleDefault(result, mod);
|
|
37
|
-
return result;
|
|
38
|
-
};
|
|
39
|
-
})();
|
|
40
7
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
41
8
|
exports.calculateEffectivePermissions = calculateEffectivePermissions;
|
|
42
9
|
exports.deleteEffectivePermissions = deleteEffectivePermissions;
|
|
43
10
|
exports.batchUpdateEffectivePermissions = batchUpdateEffectivePermissions;
|
|
44
|
-
const
|
|
11
|
+
const firestore_1 = require("firebase-admin/firestore");
|
|
45
12
|
const firebase_functions_1 = require("firebase-functions");
|
|
46
13
|
const effective_permissions_models_1 = require("./effective-permissions.models");
|
|
14
|
+
const config_1 = require("../../config");
|
|
15
|
+
/**
|
|
16
|
+
* Get Firestore instance based on config databaseId with fallback to app config
|
|
17
|
+
*/
|
|
18
|
+
function getFirestoreInstance(cfg) {
|
|
19
|
+
var _a;
|
|
20
|
+
// Try config.databaseId first, then fallback to app config's firestoreDatabaseId
|
|
21
|
+
const databaseId = (_a = cfg.databaseId) !== null && _a !== void 0 ? _a : (0, config_1.getConfig)().firestoreDatabaseId;
|
|
22
|
+
return databaseId ? (0, firestore_1.getFirestore)(databaseId) : (0, firestore_1.getFirestore)();
|
|
23
|
+
}
|
|
47
24
|
/**
|
|
48
25
|
* Calculate and cache effective permissions for a user
|
|
49
26
|
*
|
|
@@ -52,7 +29,7 @@ const effective_permissions_models_1 = require("./effective-permissions.models")
|
|
|
52
29
|
*/
|
|
53
30
|
async function calculateEffectivePermissions(userId, config = {}) {
|
|
54
31
|
const cfg = Object.assign(Object.assign({}, effective_permissions_models_1.DEFAULT_EFFECTIVE_PERMISSIONS_CONFIG), config);
|
|
55
|
-
const db =
|
|
32
|
+
const db = getFirestoreInstance(cfg);
|
|
56
33
|
// Fetch user document
|
|
57
34
|
const userDoc = await db.collection(cfg.userCollection).doc(userId).get();
|
|
58
35
|
if (!userDoc.exists) {
|
|
@@ -84,7 +61,7 @@ async function calculateEffectivePermissions(userId, config = {}) {
|
|
|
84
61
|
const effectivePermissions = {
|
|
85
62
|
permissions: Array.from(allPermissions).sort(),
|
|
86
63
|
roles: roleNames.sort(),
|
|
87
|
-
lastUpdated:
|
|
64
|
+
lastUpdated: firestore_1.FieldValue.serverTimestamp(),
|
|
88
65
|
};
|
|
89
66
|
// Write to cache location: security/users/{userId}/effective_permissions
|
|
90
67
|
await db
|
|
@@ -103,7 +80,7 @@ async function calculateEffectivePermissions(userId, config = {}) {
|
|
|
103
80
|
*/
|
|
104
81
|
async function deleteEffectivePermissions(userId, config = {}) {
|
|
105
82
|
const cfg = Object.assign(Object.assign({}, effective_permissions_models_1.DEFAULT_EFFECTIVE_PERMISSIONS_CONFIG), config);
|
|
106
|
-
const db =
|
|
83
|
+
const db = getFirestoreInstance(cfg);
|
|
107
84
|
await db
|
|
108
85
|
.collection(cfg.securityCollection)
|
|
109
86
|
.doc('users')
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"effective-permissions.js","sourceRoot":"","sources":["../../../src/modules/security/effective-permissions.ts"],"names":[],"mappings":";AAAA;;;;GAIG
|
|
1
|
+
{"version":3,"file":"effective-permissions.js","sourceRoot":"","sources":["../../../src/modules/security/effective-permissions.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AA0BH,sEA4DC;AAQD,gEAeC;AAQD,0EAoBC;AAvID,wDAA+E;AAC/E,2DAA4C;AAC5C,iFAIwC;AACxC,yCAAyC;AAEzC;;GAEG;AACH,SAAS,oBAAoB,CAAC,GAA+B;;IAC3D,iFAAiF;IACjF,MAAM,UAAU,GAAG,MAAA,GAAG,CAAC,UAAU,mCAAI,IAAA,kBAAS,GAAE,CAAC,mBAAmB,CAAC;IACrE,OAAO,UAAU,CAAC,CAAC,CAAC,IAAA,wBAAY,EAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAA,wBAAY,GAAE,CAAC;AAChE,CAAC;AAED;;;;;GAKG;AACI,KAAK,UAAU,6BAA6B,CACjD,MAAc,EACd,SAA8C,EAAE;IAEhD,MAAM,GAAG,mCAAQ,mEAAoC,GAAK,MAAM,CAAE,CAAC;IACnE,MAAM,EAAE,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAC;IAErC,sBAAsB;IACtB,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC;IAE1E,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACpB,2BAAM,CAAC,IAAI,CAAC,QAAQ,MAAM,kDAAkD,CAAC,CAAC;QAC9E,OAAO;IACT,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,EAAG,CAAC;IACjC,MAAM,OAAO,GAAa,QAAQ,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC;IAE/D,gCAAgC;IAChC,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IAClG,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAEjD,uCAAuC;IACvC,MAAM,cAAc,GAAG,IAAI,GAAG,EAAU,CAAC;IACzC,MAAM,SAAS,GAAa,EAAE,CAAC;IAE/B,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,EAAS,CAAC;YACvC,MAAM,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YAC7C,MAAM,WAAW,GAAG,QAAQ,CAAC,GAAG,CAAC,oBAAoB,CAAC,IAAI,EAAE,CAAC;YAE7D,IAAI,QAAQ,EAAE,CAAC;gBACb,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC3B,CAAC;YAED,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC/B,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YACpD,CAAC;QACH,CAAC;IACH,CAAC;IAED,wCAAwC;IACxC,MAAM,oBAAoB,GAAyB;QACjD,WAAW,EAAE,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,IAAI,EAAE;QAC9C,KAAK,EAAE,SAAS,CAAC,IAAI,EAAE;QACvB,WAAW,EAAE,sBAAU,CAAC,eAAe,EAAE;KAC1C,CAAC;IAEF,yEAAyE;IACzE,MAAM,EAAE;SACL,UAAU,CAAC,GAAG,CAAC,kBAAkB,CAAC;SAClC,GAAG,CAAC,OAAO,CAAC;SACZ,UAAU,CAAC,MAAM,CAAC;SAClB,GAAG,CAAC,uBAAuB,CAAC;SAC5B,GAAG,CAAC,oBAAoB,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;IAE/C,2BAAM,CAAC,IAAI,CACT,0CAA0C,MAAM,KAAK,oBAAoB,CAAC,WAAW,CAAC,MAAM,iBAAiB,oBAAoB,CAAC,KAAK,CAAC,MAAM,QAAQ,CACvJ,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACI,KAAK,UAAU,0BAA0B,CAC9C,MAAc,EACd,SAA8C,EAAE;IAEhD,MAAM,GAAG,mCAAQ,mEAAoC,GAAK,MAAM,CAAE,CAAC;IACnE,MAAM,EAAE,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAC;IAErC,MAAM,EAAE;SACL,UAAU,CAAC,GAAG,CAAC,kBAAkB,CAAC;SAClC,GAAG,CAAC,OAAO,CAAC;SACZ,UAAU,CAAC,MAAM,CAAC;SAClB,GAAG,CAAC,uBAAuB,CAAC;SAC5B,MAAM,EAAE,CAAC;IAEZ,2BAAM,CAAC,IAAI,CAAC,0CAA0C,MAAM,EAAE,CAAC,CAAC;AAClE,CAAC;AAED;;;;;GAKG;AACI,KAAK,UAAU,+BAA+B,CACnD,OAAiB,EACjB,SAA8C,EAAE;IAEhD,MAAM,GAAG,mCAAQ,mEAAoC,GAAK,MAAM,CAAE,CAAC;IACnE,MAAM,UAAU,GAAG,GAAG,CAAC,SAAS,CAAC;IAEjC,2BAAM,CAAC,IAAI,CAAC,kBAAkB,OAAO,CAAC,MAAM,uBAAuB,UAAU,GAAG,CAAC,CAAC;IAElF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,IAAI,UAAU,EAAE,CAAC;QACpD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,CAAC;QAC/C,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;QACnD,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,UAAU,CAAC,CAAC;QAE5D,2BAAM,CAAC,IAAI,CAAC,oBAAoB,WAAW,IAAI,YAAY,KAAK,KAAK,CAAC,MAAM,SAAS,CAAC,CAAC;QAEvF,MAAM,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,6BAA6B,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IAC1F,CAAC;IAED,2BAAM,CAAC,IAAI,CAAC,8BAA8B,OAAO,CAAC,MAAM,QAAQ,CAAC,CAAC;AACpE,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"effective-permissions.triggers.d.ts","sourceRoot":"","sources":["../../../src/modules/security/effective-permissions.triggers.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAcH,OAAO,EACL,0BAA0B,EAE3B,MAAM,gCAAgC,CAAC;
|
|
1
|
+
{"version":3,"file":"effective-permissions.triggers.d.ts","sourceRoot":"","sources":["../../../src/modules/security/effective-permissions.triggers.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAcH,OAAO,EACL,0BAA0B,EAE3B,MAAM,gCAAgC,CAAC;AAYxC;;;;;;GAMG;AACH,wBAAgB,4BAA4B,CAAC,MAAM,GAAE,OAAO,CAAC,0BAA0B,CAAM;IAIzF;;;OAGG;;;;IAcH;;;OAGG;;;;IA8BH;;;OAGG;;;;EAcN;AAED;;;;;;GAMG;AACH,wBAAgB,4BAA4B,CAAC,MAAM,GAAE,OAAO,CAAC,0BAA0B,CAAM;IAIzF;;;OAGG;;;;IA2CH;;;OAGG;;;;EAyBN;AAED;;;;;;GAMG;AACH,wBAAgB,8BAA8B,CAC5C,MAAM,GAAE,OAAO,CAAC,0BAA0B,CAAM,EAChD,cAAc,GAAE,MAAuB;IAkCrC;;;;OAIG;;IA2DH;;;;;OAKG;;EAiDN"}
|
|
@@ -5,48 +5,25 @@
|
|
|
5
5
|
* Factory functions that create Firebase Cloud Functions v2 triggers
|
|
6
6
|
* for automatically maintaining the effective permissions cache.
|
|
7
7
|
*/
|
|
8
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
9
|
-
if (k2 === undefined) k2 = k;
|
|
10
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
11
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
12
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
13
|
-
}
|
|
14
|
-
Object.defineProperty(o, k2, desc);
|
|
15
|
-
}) : (function(o, m, k, k2) {
|
|
16
|
-
if (k2 === undefined) k2 = k;
|
|
17
|
-
o[k2] = m[k];
|
|
18
|
-
}));
|
|
19
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
20
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
21
|
-
}) : function(o, v) {
|
|
22
|
-
o["default"] = v;
|
|
23
|
-
});
|
|
24
|
-
var __importStar = (this && this.__importStar) || (function () {
|
|
25
|
-
var ownKeys = function(o) {
|
|
26
|
-
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
27
|
-
var ar = [];
|
|
28
|
-
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
29
|
-
return ar;
|
|
30
|
-
};
|
|
31
|
-
return ownKeys(o);
|
|
32
|
-
};
|
|
33
|
-
return function (mod) {
|
|
34
|
-
if (mod && mod.__esModule) return mod;
|
|
35
|
-
var result = {};
|
|
36
|
-
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
37
|
-
__setModuleDefault(result, mod);
|
|
38
|
-
return result;
|
|
39
|
-
};
|
|
40
|
-
})();
|
|
41
8
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
42
9
|
exports.createUserPermissionTriggers = createUserPermissionTriggers;
|
|
43
10
|
exports.createRolePermissionTriggers = createRolePermissionTriggers;
|
|
44
11
|
exports.createAdminPermissionEndpoints = createAdminPermissionEndpoints;
|
|
45
|
-
const
|
|
46
|
-
const
|
|
12
|
+
const firestore_1 = require("firebase-admin/firestore");
|
|
13
|
+
const firestore_2 = require("firebase-functions/v2/firestore");
|
|
47
14
|
const https_1 = require("firebase-functions/v2/https");
|
|
48
15
|
const effective_permissions_1 = require("./effective-permissions");
|
|
49
16
|
const effective_permissions_models_1 = require("./effective-permissions.models");
|
|
17
|
+
const config_1 = require("../../config");
|
|
18
|
+
/**
|
|
19
|
+
* Get Firestore instance based on config databaseId with fallback to app config
|
|
20
|
+
*/
|
|
21
|
+
function getFirestoreInstance(cfg) {
|
|
22
|
+
var _a;
|
|
23
|
+
// Try config.databaseId first, then fallback to app config's firestoreDatabaseId
|
|
24
|
+
const databaseId = (_a = cfg.databaseId) !== null && _a !== void 0 ? _a : (0, config_1.getConfig)().firestoreDatabaseId;
|
|
25
|
+
return databaseId ? (0, firestore_1.getFirestore)(databaseId) : (0, firestore_1.getFirestore)();
|
|
26
|
+
}
|
|
50
27
|
/**
|
|
51
28
|
* Create user lifecycle triggers
|
|
52
29
|
* Automatically maintains permission cache when users are created, updated, or deleted
|
|
@@ -61,7 +38,7 @@ function createUserPermissionTriggers(config = {}) {
|
|
|
61
38
|
* Trigger when a new user is created
|
|
62
39
|
* Calculates initial effective permissions
|
|
63
40
|
*/
|
|
64
|
-
onUserCreate: (0,
|
|
41
|
+
onUserCreate: (0, firestore_2.onDocumentCreated)({
|
|
65
42
|
document: `${cfg.userCollection}/{userId}`,
|
|
66
43
|
region: cfg.region,
|
|
67
44
|
maxInstances: cfg.maxInstances,
|
|
@@ -74,7 +51,7 @@ function createUserPermissionTriggers(config = {}) {
|
|
|
74
51
|
* Trigger when a user document is updated
|
|
75
52
|
* Recalculates effective permissions if roles changed
|
|
76
53
|
*/
|
|
77
|
-
onUserRoleChange: (0,
|
|
54
|
+
onUserRoleChange: (0, firestore_2.onDocumentUpdated)({
|
|
78
55
|
document: `${cfg.userCollection}/{userId}`,
|
|
79
56
|
region: cfg.region,
|
|
80
57
|
maxInstances: cfg.maxInstances,
|
|
@@ -100,7 +77,7 @@ function createUserPermissionTriggers(config = {}) {
|
|
|
100
77
|
* Trigger when a user is deleted
|
|
101
78
|
* Cleans up the permission cache
|
|
102
79
|
*/
|
|
103
|
-
onUserDelete: (0,
|
|
80
|
+
onUserDelete: (0, firestore_2.onDocumentDeleted)({
|
|
104
81
|
document: `${cfg.userCollection}/{userId}`,
|
|
105
82
|
region: cfg.region,
|
|
106
83
|
maxInstances: cfg.maxInstances,
|
|
@@ -125,7 +102,7 @@ function createRolePermissionTriggers(config = {}) {
|
|
|
125
102
|
* Trigger when a role's permissions are updated
|
|
126
103
|
* Updates all users who have this role
|
|
127
104
|
*/
|
|
128
|
-
onRolePermissionsChange: (0,
|
|
105
|
+
onRolePermissionsChange: (0, firestore_2.onDocumentUpdated)({
|
|
129
106
|
document: `${cfg.roleCollection}/{roleId}`,
|
|
130
107
|
region: cfg.region,
|
|
131
108
|
maxInstances: cfg.maxInstances,
|
|
@@ -147,7 +124,7 @@ function createRolePermissionTriggers(config = {}) {
|
|
|
147
124
|
}
|
|
148
125
|
console.log(`Role ${roleId} ${cfg.rolePermissionsField} changed`);
|
|
149
126
|
// Find all users with this role
|
|
150
|
-
const db =
|
|
127
|
+
const db = getFirestoreInstance(cfg);
|
|
151
128
|
const usersSnapshot = await db
|
|
152
129
|
.collection(cfg.userCollection)
|
|
153
130
|
.where(cfg.userRoleIdsField, 'array-contains', roleId)
|
|
@@ -160,7 +137,7 @@ function createRolePermissionTriggers(config = {}) {
|
|
|
160
137
|
* Trigger when a role is deleted
|
|
161
138
|
* Updates all users who had this role
|
|
162
139
|
*/
|
|
163
|
-
onRoleDelete: (0,
|
|
140
|
+
onRoleDelete: (0, firestore_2.onDocumentDeleted)({
|
|
164
141
|
document: `${cfg.roleCollection}/{roleId}`,
|
|
165
142
|
region: cfg.region,
|
|
166
143
|
maxInstances: cfg.maxInstances,
|
|
@@ -168,7 +145,7 @@ function createRolePermissionTriggers(config = {}) {
|
|
|
168
145
|
const roleId = event.params.roleId;
|
|
169
146
|
console.log(`Role ${roleId} deleted`);
|
|
170
147
|
// Find all users with this role
|
|
171
|
-
const db =
|
|
148
|
+
const db = getFirestoreInstance(cfg);
|
|
172
149
|
const usersSnapshot = await db
|
|
173
150
|
.collection(cfg.userCollection)
|
|
174
151
|
.where(cfg.userRoleIdsField, 'array-contains', roleId)
|
|
@@ -239,7 +216,7 @@ function createAdminPermissionEndpoints(config = {}, adminSecretKey = 'admin.sec
|
|
|
239
216
|
}
|
|
240
217
|
try {
|
|
241
218
|
console.log('Starting bootstrap of effective permissions for all users...');
|
|
242
|
-
const db =
|
|
219
|
+
const db = getFirestoreInstance(cfg);
|
|
243
220
|
const usersSnapshot = await db.collection(cfg.userCollection).get();
|
|
244
221
|
const totalUsers = usersSnapshot.size;
|
|
245
222
|
console.log(`Found ${totalUsers} users to bootstrap`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"effective-permissions.triggers.js","sourceRoot":"","sources":["../../../src/modules/security/effective-permissions.triggers.ts"],"names":[],"mappings":";AAAA;;;;;GAKG
|
|
1
|
+
{"version":3,"file":"effective-permissions.triggers.js","sourceRoot":"","sources":["../../../src/modules/security/effective-permissions.triggers.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;AAoCH,oEAuEC;AASD,oEA8EC;AASD,wEAyJC;AAlWD,wDAA0F;AAC1F,+DAIyC;AACzC,uDAAwD;AACxD,mEAIiC;AACjC,iFAGwC;AACxC,yCAAyC;AAEzC;;GAEG;AACH,SAAS,oBAAoB,CAAC,GAA+B;;IAC3D,iFAAiF;IACjF,MAAM,UAAU,GAAG,MAAA,GAAG,CAAC,UAAU,mCAAI,IAAA,kBAAS,GAAE,CAAC,mBAAmB,CAAC;IACrE,OAAO,UAAU,CAAC,CAAC,CAAC,IAAA,wBAAY,EAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAA,wBAAY,GAAE,CAAC;AAChE,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,4BAA4B,CAAC,SAA8C,EAAE;IAC3F,MAAM,GAAG,mCAAQ,mEAAoC,GAAK,MAAM,CAAE,CAAC;IAEnE,OAAO;QACL;;;WAGG;QACH,YAAY,EAAE,IAAA,6BAAiB,EAC7B;YACE,QAAQ,EAAE,GAAG,GAAG,CAAC,cAAc,WAAW;YAC1C,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,YAAY,EAAE,GAAG,CAAC,YAAY;SAC/B,EACD,KAAK,EAAE,KAAK,EAAE,EAAE;YACd,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,qBAAqB,MAAM,EAAE,CAAC,CAAC;YAC3C,MAAM,IAAA,qDAA6B,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACtD,CAAC,CACF;QAED;;;WAGG;QACH,gBAAgB,EAAE,IAAA,6BAAiB,EACjC;YACE,QAAQ,EAAE,GAAG,GAAG,CAAC,cAAc,WAAW;YAC1C,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,YAAY,EAAE,GAAG,CAAC,YAAY;SAC/B,EACD,KAAK,EAAE,KAAK,EAAE,EAAE;;YACd,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC;YACnC,MAAM,MAAM,GAAG,MAAA,KAAK,CAAC,IAAI,0CAAE,MAAM,CAAC,IAAI,EAAE,CAAC;YACzC,MAAM,KAAK,GAAG,MAAA,KAAK,CAAC,IAAI,0CAAE,KAAK,CAAC,IAAI,EAAE,CAAC;YAEvC,IAAI,CAAC,MAAM,IAAI,CAAC,KAAK;gBAAE,OAAO;YAE9B,MAAM,aAAa,GAAa,MAAM,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC;YACnE,MAAM,YAAY,GAAa,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC;YAEjE,kCAAkC;YAClC,MAAM,YAAY,GAChB,aAAa,CAAC,MAAM,KAAK,YAAY,CAAC,MAAM;gBAC5C,aAAa,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,EAAE,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;gBAC9D,YAAY,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;YAEjE,IAAI,YAAY,EAAE,CAAC;gBACjB,OAAO,CAAC,GAAG,CAAC,QAAQ,MAAM,IAAI,GAAG,CAAC,gBAAgB,UAAU,CAAC,CAAC;gBAC9D,MAAM,IAAA,qDAA6B,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YACtD,CAAC;QACH,CAAC,CACF;QAED;;;WAGG;QACH,YAAY,EAAE,IAAA,6BAAiB,EAC7B;YACE,QAAQ,EAAE,GAAG,GAAG,CAAC,cAAc,WAAW;YAC1C,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,YAAY,EAAE,GAAG,CAAC,YAAY;SAC/B,EACD,KAAK,EAAE,KAAK,EAAE,EAAE;YACd,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,iBAAiB,MAAM,EAAE,CAAC,CAAC;YACvC,MAAM,IAAA,kDAA0B,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACnD,CAAC,CACF;KACF,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,4BAA4B,CAAC,SAA8C,EAAE;IAC3F,MAAM,GAAG,mCAAQ,mEAAoC,GAAK,MAAM,CAAE,CAAC;IAEnE,OAAO;QACL;;;WAGG;QACH,uBAAuB,EAAE,IAAA,6BAAiB,EACxC;YACE,QAAQ,EAAE,GAAG,GAAG,CAAC,cAAc,WAAW;YAC1C,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,YAAY,EAAE,GAAG,CAAC,YAAY;SAC/B,EACD,KAAK,EAAE,KAAK,EAAE,EAAE;;YACd,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC;YACnC,MAAM,MAAM,GAAG,MAAA,KAAK,CAAC,IAAI,0CAAE,MAAM,CAAC,IAAI,EAAE,CAAC;YACzC,MAAM,KAAK,GAAG,MAAA,KAAK,CAAC,IAAI,0CAAE,KAAK,CAAC,IAAI,EAAE,CAAC;YAEvC,IAAI,CAAC,MAAM,IAAI,CAAC,KAAK;gBAAE,OAAO;YAE9B,MAAM,iBAAiB,GAAa,MAAM,CAAC,GAAG,CAAC,oBAAoB,CAAC,IAAI,EAAE,CAAC;YAC3E,MAAM,gBAAgB,GAAa,KAAK,CAAC,GAAG,CAAC,oBAAoB,CAAC,IAAI,EAAE,CAAC;YAEzE,wCAAwC;YACxC,MAAM,kBAAkB,GACtB,iBAAiB,CAAC,MAAM,KAAK,gBAAgB,CAAC,MAAM;gBACpD,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;gBACpE,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YAEvE,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBACxB,OAAO;YACT,CAAC;YAED,OAAO,CAAC,GAAG,CAAC,QAAQ,MAAM,IAAI,GAAG,CAAC,oBAAoB,UAAU,CAAC,CAAC;YAElE,gCAAgC;YAChC,MAAM,EAAE,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAC;YACrC,MAAM,aAAa,GAAG,MAAM,EAAE;iBAC3B,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC;iBAC9B,KAAK,CAAC,GAAG,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,CAAC;iBACrD,GAAG,EAAE,CAAC;YAET,OAAO,CAAC,GAAG,CAAC,SAAS,aAAa,CAAC,IAAI,oBAAoB,MAAM,EAAE,CAAC,CAAC;YAErE,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAA0B,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAC/E,MAAM,IAAA,uDAA+B,EAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QACzD,CAAC,CACF;QAED;;;WAGG;QACH,YAAY,EAAE,IAAA,6BAAiB,EAC7B;YACE,QAAQ,EAAE,GAAG,GAAG,CAAC,cAAc,WAAW;YAC1C,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,YAAY,EAAE,GAAG,CAAC,YAAY;SAC/B,EACD,KAAK,EAAE,KAAK,EAAE,EAAE;YACd,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,QAAQ,MAAM,UAAU,CAAC,CAAC;YAEtC,gCAAgC;YAChC,MAAM,EAAE,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAC;YACrC,MAAM,aAAa,GAAG,MAAM,EAAE;iBAC3B,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC;iBAC9B,KAAK,CAAC,GAAG,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,CAAC;iBACrD,GAAG,EAAE,CAAC;YAET,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAA0B,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAC/E,MAAM,IAAA,uDAA+B,EAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAEvD,OAAO,CAAC,GAAG,CAAC,WAAW,aAAa,CAAC,IAAI,4BAA4B,CAAC,CAAC;QACzE,CAAC,CACF;KACF,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,8BAA8B,CAC5C,SAA8C,EAAE,EAChD,iBAAyB,cAAc;IAEvC,MAAM,GAAG,mCAAQ,mEAAoC,GAAK,MAAM,CAAE,CAAC;IAEnE;;OAEG;IACH,SAAS,mBAAmB,CAAC,GAAQ;;QACnC,MAAM,cAAc,GAAG,MAAA,GAAG,CAAC,OAAO,CAAC,aAAa,0CAAE,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAEzE,0DAA0D;QAC1D,MAAM,UAAU,GAAG,cAAc,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QACpE,IAAI,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAErC,qEAAqE;QACrE,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,IAAI,CAAC;gBACH,MAAM,UAAU,GAAG,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC7C,IAAI,MAAM,GAAQ,OAAO,CAAC,oBAAoB,CAAC,CAAC,MAAM,EAAE,CAAC;gBAEzD,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;oBAC7B,MAAM,GAAG,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAG,GAAG,CAAC,CAAC;gBACzB,CAAC;gBACD,MAAM,GAAG,MAAM,CAAC;YAClB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,wDAAwD;gBACxD,OAAO,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAC;YACrF,CAAC;QACH,CAAC;QAED,OAAO,cAAc,KAAK,MAAM,CAAC;IACnC,CAAC;IAED,OAAO;QACL;;;;WAIG;QACH,6BAA6B,EAAE,IAAA,iBAAS,EACtC;YACE,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,YAAY,EAAE,GAAG,CAAC,YAAY;SAC/B,EACD,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;YACjB,OAAO;YACP,GAAG,CAAC,GAAG,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;YAC5C,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;gBAC7B,GAAG,CAAC,GAAG,CAAC,8BAA8B,EAAE,MAAM,CAAC,CAAC;gBAChD,GAAG,CAAC,GAAG,CAAC,8BAA8B,EAAE,4BAA4B,CAAC,CAAC;gBACtE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACzB,OAAO;YACT,CAAC;YAED,wBAAwB;YACxB,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC9B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iCAAiC,EAAE,CAAC,CAAC;gBACnE,OAAO;YACT,CAAC;YAED,IAAI,CAAC;gBACH,OAAO,CAAC,GAAG,CAAC,8DAA8D,CAAC,CAAC;gBAE5E,MAAM,EAAE,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAC;gBACrC,MAAM,aAAa,GAAG,MAAM,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,GAAG,EAAE,CAAC;gBACpE,MAAM,UAAU,GAAG,aAAa,CAAC,IAAI,CAAC;gBAEtC,OAAO,CAAC,GAAG,CAAC,SAAS,UAAU,qBAAqB,CAAC,CAAC;gBAEtD,IAAI,UAAU,KAAK,CAAC,EAAE,CAAC;oBACrB,GAAG,CAAC,IAAI,CAAC;wBACP,OAAO,EAAE,IAAI;wBACb,OAAO,EAAE,6BAA6B;wBACtC,cAAc,EAAE,CAAC;qBAClB,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAA0B,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBAC/E,MAAM,IAAA,uDAA+B,EAAC,OAAO,EAAE,MAAM,CAAC,CAAC;gBAEvD,GAAG,CAAC,IAAI,CAAC;oBACP,OAAO,EAAE,IAAI;oBACb,OAAO,EAAE,0CAA0C,UAAU,QAAQ;oBACrE,cAAc,EAAE,UAAU;oBAC1B,UAAU;iBACX,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,OAAO,CAAC,KAAK,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;gBAChD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,KAAK,EAAE,kBAAkB;oBACzB,OAAO,EAAE,KAAK,CAAC,OAAO;iBACvB,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CACF;QAED;;;;;WAKG;QACH,0BAA0B,EAAE,IAAA,iBAAS,EACnC;YACE,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,YAAY,EAAE,GAAG,CAAC,YAAY;SAC/B,EACD,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;;YACjB,OAAO;YACP,GAAG,CAAC,GAAG,CAAC,6BAA6B,EAAE,GAAG,CAAC,CAAC;YAC5C,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;gBAC7B,GAAG,CAAC,GAAG,CAAC,8BAA8B,EAAE,MAAM,CAAC,CAAC;gBAChD,GAAG,CAAC,GAAG,CAAC,8BAA8B,EAAE,4BAA4B,CAAC,CAAC;gBACtE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACzB,OAAO;YACT,CAAC;YAED,wBAAwB;YACxB,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC9B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iCAAiC,EAAE,CAAC,CAAC;gBACnE,OAAO;YACT,CAAC;YAED,MAAM,MAAM,GAAG,CAAA,MAAA,GAAG,CAAC,IAAI,0CAAE,MAAM,KAAI,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC;YAEpD,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,0BAA0B,EAAE,CAAC,CAAC;gBAC5D,OAAO;YACT,CAAC;YAED,IAAI,CAAC;gBACH,OAAO,CAAC,GAAG,CAAC,4CAA4C,MAAM,EAAE,CAAC,CAAC;gBAClE,MAAM,IAAA,qDAA6B,EAAC,MAAgB,EAAE,MAAM,CAAC,CAAC;gBAE9D,GAAG,CAAC,IAAI,CAAC;oBACP,OAAO,EAAE,IAAI;oBACb,OAAO,EAAE,+CAA+C,MAAM,EAAE;oBAChE,MAAM;iBACP,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,OAAO,CAAC,KAAK,CAAC,uCAAuC,MAAM,GAAG,EAAE,KAAK,CAAC,CAAC;gBACvE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,KAAK,EAAE,sBAAsB;oBAC7B,OAAO,EAAE,KAAK,CAAC,OAAO;oBACtB,MAAM;iBACP,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CACF;KACF,CAAC;AACJ,CAAC"}
|