firebase-tools 11.8.1 → 11.10.0

package/lib/emulator/functionsEmulatorRuntime.js

@@ -10,15 +10,13 @@ const types_1 = require("./types");
 const constants_1 = require("./constants");
 const functionsEmulatorShared_1 = require("./functionsEmulatorShared");
 const functionsEmulatorUtils_1 = require("./functionsEmulatorUtils");
+const types_2 = require("./events/types");
 let functionModule;
 let FUNCTION_TARGET_NAME;
 let FUNCTION_SIGNATURE;
 let FUNCTION_DEBUG_MODE;
 let developerPkgJSON;
 const dynamicImport = new Function("modulePath", "return import(modulePath)");
-function isFeatureEnabled(frb, feature) {
-    return frb.disabled_features ? !frb.disabled_features[feature] : true;
-}
 function noOp() {
     return false;
 }
@@ -485,73 +483,14 @@ async function initializeFunctionsConfigHelper() {
 function rawBodySaver(req, res, buf) {
     req.rawBody = buf;
 }
-async function processHTTPS(trigger) {
-    const ephemeralServer = express();
-    await new Promise((resolveEphemeralServer, rejectEphemeralServer) => {
-        ephemeralServer.enable("trust proxy");
-        ephemeralServer.use(bodyParser.json({
-            limit: "10mb",
-            verify: rawBodySaver,
-        }));
-        ephemeralServer.use(bodyParser.text({
-            limit: "10mb",
-            verify: rawBodySaver,
-        }));
-        ephemeralServer.use(bodyParser.urlencoded({
-            extended: true,
-            limit: "10mb",
-            verify: rawBodySaver,
-        }));
-        ephemeralServer.use(bodyParser.raw({
-            type: "*/*",
-            limit: "10mb",
-            verify: rawBodySaver,
-        }));
-        let server;
-        function closeServer() {
-            if (server) {
-                server.close((err) => {
-                    if (err) {
-                        rejectEphemeralServer(err);
-                    }
-                    else {
-                        resolveEphemeralServer();
-                    }
-                });
-            }
-        }
-        ephemeralServer.get("/__/health", (req, res) => {
-            res.status(200).send();
-        });
-        ephemeralServer.all("/favicon.ico|/robots.txt", (req, res) => {
-            res.on("finish", closeServer);
-            res.status(404).send();
-        });
-        ephemeralServer.all(`/*`, async (req, res) => {
-            try {
-                logDebug(`Ephemeral server handling ${req.method} request`);
-                res.on("finish", closeServer);
-                await runHTTPS(trigger, [req, res]);
-            }
-            catch (err) {
-                rejectEphemeralServer(err);
-            }
-        });
-        server = ephemeralServer.listen(process.env.PORT);
-        logDebug(`Listening to port: ${process.env.PORT}`);
-        server.on("error", rejectEphemeralServer);
-    });
-}
-async function processBackground(trigger, frb, signature) {
-    const proto = frb.proto;
-    logDebug("ProcessBackground", proto);
+async function processBackground(trigger, reqBody, signature) {
     if (signature === "cloudevent") {
-        return runCloudEvent(trigger, proto);
+        return runCloudEvent(trigger, reqBody);
     }
-    const data = proto.data;
-    delete proto.data;
-    const context = proto.context ? proto.context : proto;
-    if (!proto.eventType || !proto.eventType.startsWith("google.storage")) {
+    const data = reqBody.data;
+    delete reqBody.data;
+    const context = reqBody.context ? reqBody.context : reqBody;
+    if (!reqBody.eventType || !reqBody.eventType.startsWith("google.storage")) {
         if (context.resource && context.resource.name) {
             logDebug("ProcessBackground: lifting resource.name from resource", context.resource);
             context.resource = context.resource.name;
@@ -567,15 +506,14 @@ async function runFunction(func) {
     catch (err) {
         caughtErr = err;
     }
-    logDebug(`Ephemeral server survived.`);
     if (caughtErr) {
         throw caughtErr;
     }
 }
-async function runBackground(trigger, proto) {
-    logDebug("RunBackground", proto);
+async function runBackground(trigger, reqBody) {
+    logDebug("RunBackground", reqBody);
     await runFunction(() => {
-        return trigger(proto.data, proto.context);
+        return trigger(reqBody.data, reqBody.context);
     });
 }
 async function runCloudEvent(trigger, event) {
@@ -613,43 +551,6 @@ async function moduleResolutionDetective(error) {
 function logDebug(msg, data) {
     new types_1.EmulatorLog("DEBUG", "runtime-status", `[${process.pid}] ${msg}`, data).log();
 }
-async function invokeTrigger(trigger, frb) {
-    new types_1.EmulatorLog("INFO", "runtime-status", `Beginning execution of "${FUNCTION_TARGET_NAME}"`, {
-        frb,
-    }).log();
-    logDebug(`Running ${FUNCTION_TARGET_NAME} in signature ${FUNCTION_SIGNATURE}`);
-    let seconds = 0;
-    const timerId = setInterval(() => {
-        seconds++;
-    }, 1000);
-    let timeoutId;
-    if (isFeatureEnabled(frb, "timeout")) {
-        let timeout = process.env.FUNCTIONS_EMULATOR_TIMEOUT_SECONDS || "60";
-        if (timeout.endsWith("s")) {
-            timeout = timeout.slice(0, -1);
-        }
-        const timeoutMs = parseInt(timeout, 10) * 1000;
-        timeoutId = setTimeout(() => {
-            new types_1.EmulatorLog("WARN", "runtime-status", `Your function timed out after ~${timeout}s. To configure this timeout, see
-      https://firebase.google.com/docs/functions/manage-functions#set_timeout_and_memory_allocation.`).log();
-            throw new Error("Function timed out.");
-        }, timeoutMs);
-    }
-    switch (FUNCTION_SIGNATURE) {
-        case "event":
-        case "cloudevent":
-            await processBackground(trigger, frb, FUNCTION_SIGNATURE);
-            break;
-        case "http":
-            await processHTTPS(trigger);
-            break;
-    }
-    if (timeoutId) {
-        clearTimeout(timeoutId);
-    }
-    clearInterval(timerId);
-    new types_1.EmulatorLog("INFO", "runtime-status", `Finished "${FUNCTION_TARGET_NAME}" in ~${Math.max(seconds, 1)}s`).log();
-}
 async function initializeRuntime() {
     FUNCTION_DEBUG_MODE = process.env.FUNCTION_DEBUG_MODE || "";
     if (!FUNCTION_DEBUG_MODE) {
@@ -695,50 +596,25 @@ async function flushAndExit(code) {
     await types_1.EmulatorLog.waitForFlush();
     process.exit(code);
 }
-async function goIdle() {
-    new types_1.EmulatorLog("SYSTEM", "runtime-status", "Runtime is now idle", { state: "idle" }).log();
-    await types_1.EmulatorLog.waitForFlush();
-}
 async function handleMessage(message) {
-    let runtimeArgs;
+    let debug;
     try {
-        runtimeArgs = JSON.parse(message);
+        debug = JSON.parse(message);
     }
     catch (e) {
         new types_1.EmulatorLog("FATAL", "runtime-error", `Got unexpected message body: ${message}`).log();
         await flushAndExit(1);
         return;
     }
-    if (!functionModule) {
-        try {
-            functionModule = await loadTriggers();
+    if (FUNCTION_DEBUG_MODE) {
+        if (debug) {
+            FUNCTION_TARGET_NAME = debug.functionTarget;
+            FUNCTION_SIGNATURE = debug.functionSignature;
         }
-        catch (e) {
-            logDebug(e);
-            new types_1.EmulatorLog("FATAL", "runtime-status", `Failed to initialize and load triggers. This shouldn't happen: ${e.message}`).log();
-            await flushAndExit(1);
-            return;
+        else {
+            new types_1.EmulatorLog("WARN", "runtime-warning", "Expected debug payload while in debug mode.");
         }
     }
-    if (FUNCTION_DEBUG_MODE) {
-        FUNCTION_TARGET_NAME = runtimeArgs.frb.debug.functionTarget;
-        FUNCTION_SIGNATURE = runtimeArgs.frb.debug.functionSignature;
-    }
-    const trigger = FUNCTION_TARGET_NAME.split(".").reduce((mod, functionTargetPart) => {
-        return mod === null || mod === void 0 ? void 0 : mod[functionTargetPart];
-    }, functionModule);
-    if (!trigger) {
-        throw new Error(`Failed to find function ${FUNCTION_TARGET_NAME} in the loaded module`);
-    }
-    logDebug(`Beginning invocation function ${FUNCTION_TARGET_NAME}!`);
-    try {
-        await invokeTrigger(trigger, runtimeArgs.frb);
-        await goIdle();
-    }
-    catch (err) {
-        new types_1.EmulatorLog("FATAL", "runtime-error", err.stack ? err.stack : err).log();
-        await flushAndExit(1);
-    }
 }
 async function main() {
     let lastSignal = new Date().getTime();
@@ -755,6 +631,92 @@ async function main() {
         }
     });
     await initializeRuntime();
+    try {
+        functionModule = await loadTriggers();
+    }
+    catch (e) {
+        new types_1.EmulatorLog("FATAL", "runtime-status", `Failed to initialize and load triggers. This shouldn't happen: ${e.message}`).log();
+        await flushAndExit(1);
+    }
+    const app = express();
+    app.enable("trust proxy");
+    app.use(bodyParser.json({
+        limit: "10mb",
+        verify: rawBodySaver,
+    }));
+    app.use(bodyParser.text({
+        limit: "10mb",
+        verify: rawBodySaver,
+    }));
+    app.use(bodyParser.urlencoded({
+        extended: true,
+        limit: "10mb",
+        verify: rawBodySaver,
+    }));
+    app.use(bodyParser.raw({
+        type: "*/*",
+        limit: "10mb",
+        verify: rawBodySaver,
+    }));
+    app.get("/__/health", (req, res) => {
+        res.status(200).send();
+    });
+    app.all("/favicon.ico|/robots.txt", (req, res) => {
+        res.status(404).send();
+    });
+    app.all(`/*`, async (req, res) => {
+        var _a;
+        try {
+            new types_1.EmulatorLog("INFO", "runtime-status", `Beginning execution of "${FUNCTION_TARGET_NAME}"`).log();
+            const trigger = FUNCTION_TARGET_NAME.split(".").reduce((mod, functionTargetPart) => {
+                return mod === null || mod === void 0 ? void 0 : mod[functionTargetPart];
+            }, functionModule);
+            if (!trigger) {
+                throw new Error(`Failed to find function ${FUNCTION_TARGET_NAME} in the loaded module`);
+            }
+            const startHrTime = process.hrtime();
+            res.on("finish", () => {
+                const elapsedHrTime = process.hrtime(startHrTime);
+                new types_1.EmulatorLog("INFO", "runtime-status", `Finished "${FUNCTION_TARGET_NAME}" in ${elapsedHrTime[0] * 1000 + elapsedHrTime[1] / 1000000}ms`).log();
+            });
+            switch (FUNCTION_SIGNATURE) {
+                case "event":
+                case "cloudevent":
+                    const rawBody = req.rawBody;
+                    let reqBody = JSON.parse(rawBody.toString());
+                    if ((_a = req.headers["content-type"]) === null || _a === void 0 ? void 0 : _a.includes("cloudevent")) {
+                        if (types_2.EventUtils.isBinaryCloudEvent(req)) {
+                            reqBody = types_2.EventUtils.extractBinaryCloudEventContext(req);
+                            reqBody.data = req.body;
+                        }
+                    }
+                    await processBackground(trigger, reqBody, FUNCTION_SIGNATURE);
+                    res.send({ status: "acknowledged" });
+                    break;
+                case "http":
+                    await runHTTPS(trigger, [req, res]);
+            }
+        }
+        catch (err) {
+            new types_1.EmulatorLog("FATAL", "runtime-error", err.stack ? err.stack : err).log();
+            res.status(500).send(err.message);
+        }
+    });
+    const server = app.listen(process.env.PORT, () => {
+        logDebug(`Listening to port: ${process.env.PORT}`);
+    });
+    if (!FUNCTION_DEBUG_MODE) {
+        let timeout = process.env.FUNCTIONS_EMULATOR_TIMEOUT_SECONDS || "60";
+        if (timeout.endsWith("s")) {
+            timeout = timeout.slice(0, -1);
+        }
+        const timeoutMs = parseInt(timeout, 10) * 1000;
+        server.setTimeout(timeoutMs, () => {
+            new types_1.EmulatorLog("FATAL", "runtime-error", `Your function timed out after ~${timeout}s. To configure this timeout, see
+      https://firebase.google.com/docs/functions/manage-functions#set_timeout_and_memory_allocation.`).log();
+            return flushAndExit(1);
+        });
+    }
     let messageHandlePromise = Promise.resolve();
     process.on("message", (message) => {
         messageHandlePromise = messageHandlePromise

package/lib/emulator/functionsEmulatorShared.js

@@ -161,6 +161,9 @@ function getFunctionService(def) {
     if (def.blockingTrigger) {
         return def.blockingTrigger.eventType;
     }
+    if (def.httpsTrigger) {
+        return "https";
+    }
     return "unknown";
 }
 exports.getFunctionService = getFunctionService;

package/lib/emulator/functionsEmulatorShell.js

@@ -41,7 +41,7 @@ class FunctionsEmulatorShell {
             auth: opts.auth,
             data,
         };
-        this.emu.invokeTrigger(trigger, proto);
+        this.emu.sendRequest(trigger, proto);
     }
     getTrigger(name) {
         const result = this.triggers.find((trigger) => {

package/lib/emulator/functionsRuntimeWorker.js

@@ -22,19 +22,6 @@ class RuntimeWorker {
         this.id = uuid.v4();
         this.key = key;
         this.runtime = runtime;
-        this.runtime.events.on("log", (log) => {
-            if (log.type === "runtime-status") {
-                if (log.data.state === "idle") {
-                    if (this.state === RuntimeWorkerState.BUSY) {
-                        this.state = RuntimeWorkerState.IDLE;
-                    }
-                    else if (this.state === RuntimeWorkerState.FINISHING) {
-                        this.log(`IDLE --> FINISHING`);
-                        this.runtime.process.kill();
-                    }
-                }
-            }
-        });
         const childProc = this.runtime.process;
         let msgBuffer = "";
         childProc.on("message", (msg) => {
@@ -71,11 +58,55 @@ class RuntimeWorker {
         }
         return lines[lines.length - 1];
     }
-    execute(frb, opts) {
-        const execFrb = Object.assign({}, frb);
-        const args = { frb: execFrb, opts };
+    sendDebugMsg(debug) {
+        return new Promise((resolve, reject) => {
+            this.runtime.process.send(JSON.stringify(debug), (err) => {
+                if (err) {
+                    reject(err);
+                }
+                else {
+                    resolve();
+                }
+            });
+        });
+    }
+    request(req, resp, body) {
         this.state = RuntimeWorkerState.BUSY;
-        this.runtime.process.send(JSON.stringify(args));
+        const onFinish = () => {
+            if (this.state === RuntimeWorkerState.BUSY) {
+                this.state = RuntimeWorkerState.IDLE;
+            }
+            else if (this.state === RuntimeWorkerState.FINISHING) {
+                this.log(`IDLE --> FINISHING`);
+                this.runtime.process.kill();
+            }
+        };
+        return new Promise((resolve) => {
+            const proxy = http.request({
+                method: req.method,
+                path: req.path,
+                headers: req.headers,
+                socketPath: this.runtime.socketPath,
+            }, (_resp) => {
+                resp.writeHead(_resp.statusCode || 200, _resp.headers);
+                const piped = _resp.pipe(resp);
+                piped.on("finish", () => {
+                    onFinish();
+                    resolve();
+                });
+            });
+            proxy.on("error", (err) => {
+                resp.writeHead(500);
+                resp.write(JSON.stringify(err));
+                resp.end();
+                this.runtime.process.kill();
+                resolve();
+            });
+            if (body) {
+                proxy.write(body);
+            }
+            proxy.end();
+        });
     }
     get state() {
         return this._state;
@@ -100,20 +131,6 @@ class RuntimeWorker {
         }
         this.runtime.events.on("log", listener);
     }
-    waitForDone() {
-        if (this.state === RuntimeWorkerState.IDLE || this.state === RuntimeWorkerState.FINISHED) {
-            return Promise.resolve();
-        }
-        return new Promise((res) => {
-            const listener = () => {
-                this.stateEvents.removeListener(RuntimeWorkerState.IDLE, listener);
-                this.stateEvents.removeListener(RuntimeWorkerState.FINISHED, listener);
-                res();
-            };
-            this.stateEvents.once(RuntimeWorkerState.IDLE, listener);
-            this.stateEvents.once(RuntimeWorkerState.FINISHED, listener);
-        });
-    }
     isSocketReady() {
         return new Promise((resolve, reject) => {
             const req = http
@@ -198,14 +215,16 @@ class RuntimeWorkerPool {
         const idleWorker = this.getIdleWorker(triggerId);
         return !!idleWorker;
     }
-    submitWork(triggerId, frb, opts) {
-        this.log(`submitWork(triggerId=${triggerId})`);
+    async submitRequest(triggerId, req, resp, body, debug) {
+        this.log(`submitRequest(triggerId=${triggerId})`);
         const worker = this.getIdleWorker(triggerId);
         if (!worker) {
-            throw new error_1.FirebaseError("Internal Error: can't call submitWork without checking for idle workers");
+            throw new error_1.FirebaseError("Internal Error: can't call submitRequest without checking for idle workers");
         }
-        worker.execute(frb, opts);
-        return worker;
+        if (debug) {
+            await worker.sendDebugMsg(debug);
+        }
+        return worker.request(req, resp, body);
     }
     getIdleWorker(triggerId) {
         this.cleanUpWorkers();

package/lib/emulator/storage/files.js

@@ -63,7 +63,7 @@ class StorageLayer {
         const hasValidDownloadToken = ((metadata === null || metadata === void 0 ? void 0 : metadata.downloadTokens) || []).includes((_a = request.downloadToken) !== null && _a !== void 0 ? _a : "");
         let authorized = hasValidDownloadToken;
         if (!authorized) {
-            authorized = await this._rulesValidator.validate(["b", request.bucketId, "o", request.decodedObjectId].join("/"), request.bucketId, types_1.RulesetOperationMethod.GET, { before: metadata === null || metadata === void 0 ? void 0 : metadata.asRulesResource() }, request.authorization);
+            authorized = await this._rulesValidator.validate(["b", request.bucketId, "o", request.decodedObjectId].join("/"), request.bucketId, types_1.RulesetOperationMethod.GET, { before: metadata === null || metadata === void 0 ? void 0 : metadata.asRulesResource() }, this._projectId, request.authorization);
         }
         if (!authorized) {
             throw new errors_1.ForbiddenError("Failed auth");
@@ -92,7 +92,7 @@ class StorageLayer {
     }
     async deleteObject(request) {
         const storedMetadata = this.getMetadata(request.bucketId, request.decodedObjectId);
-        const authorized = await this._rulesValidator.validate(["b", request.bucketId, "o", request.decodedObjectId].join("/"), request.bucketId, types_1.RulesetOperationMethod.DELETE, { before: storedMetadata === null || storedMetadata === void 0 ? void 0 : storedMetadata.asRulesResource() }, request.authorization);
+        const authorized = await this._rulesValidator.validate(["b", request.bucketId, "o", request.decodedObjectId].join("/"), request.bucketId, types_1.RulesetOperationMethod.DELETE, { before: storedMetadata === null || storedMetadata === void 0 ? void 0 : storedMetadata.asRulesResource() }, this._projectId, request.authorization);
         if (!authorized) {
             throw new errors_1.ForbiddenError();
         }
@@ -126,7 +126,7 @@ class StorageLayer {
         const authorized = await this._rulesValidator.validate(["b", request.bucketId, "o", request.decodedObjectId].join("/"), request.bucketId, types_1.RulesetOperationMethod.UPDATE, {
             before: storedMetadata === null || storedMetadata === void 0 ? void 0 : storedMetadata.asRulesResource(),
             after: storedMetadata === null || storedMetadata === void 0 ? void 0 : storedMetadata.asRulesResource(request.metadata),
-        }, request.authorization);
+        }, this._projectId, request.authorization);
         if (!authorized) {
             throw new errors_1.ForbiddenError();
         }
@@ -162,7 +162,7 @@ class StorageLayer {
         const authorized = await this._rulesValidator.validate(["b", upload.bucketId, "o", upload.objectId].join("/"), upload.bucketId, types_1.RulesetOperationMethod.CREATE, {
             before: storedMetadata === null || storedMetadata === void 0 ? void 0 : storedMetadata.asRulesResource(),
             after: metadata.asRulesResource(),
-        }, upload.authorization);
+        }, this._projectId, upload.authorization);
         if (!authorized) {
             this._persistence.deleteFile(upload.path);
             throw new errors_1.ForbiddenError();
@@ -220,7 +220,7 @@ class StorageLayer {
     async listObjects(request) {
         var _a;
         const { bucketId, prefix, delimiter, pageToken, authorization } = request;
-        const authorized = await this._rulesValidator.validate(["b", bucketId, "o", prefix.replace(TRAILING_SLASHES_PATTERN, "")].join("/"), bucketId, types_1.RulesetOperationMethod.LIST, {}, authorization, delimiter);
+        const authorized = await this._rulesValidator.validate(["b", bucketId, "o", prefix.replace(TRAILING_SLASHES_PATTERN, "")].join("/"), bucketId, types_1.RulesetOperationMethod.LIST, {}, this._projectId, authorization, delimiter);
         if (!authorized) {
             throw new errors_1.ForbiddenError();
         }

package/lib/emulator/storage/rules/runtime.js

@@ -14,6 +14,8 @@ const constants_1 = require("../../constants");
 const download_1 = require("../../download");
 const fs = require("fs-extra");
 const downloadableEmulators_1 = require("../../downloadableEmulators");
+const registry_1 = require("../../registry");
+const apiv2_1 = require("../../../apiv2");
 const lock = new AsyncLock();
 const synchonizationKey = "key";
 class StorageRulesetInstance {
@@ -118,6 +120,7 @@ class StorageRulesRuntime {
             }
         });
         (_b = this._childprocess.stdout) === null || _b === void 0 ? void 0 : _b.on("data", (buf) => {
+            var _a;
             const serializedRuntimeActionResponse = buf.toString("utf-8").trim();
             if (serializedRuntimeActionResponse !== "") {
                 let rap;
@@ -128,8 +131,13 @@ class StorageRulesRuntime {
                     emulatorLogger_1.EmulatorLogger.forEmulator(types_2.Emulators.STORAGE).log("INFO", serializedRuntimeActionResponse);
                     return;
                 }
-                const request = this._requests[rap.id];
-                if (rap.status !== "ok") {
+                const id = (_a = rap.id) !== null && _a !== void 0 ? _a : rap.server_request_id;
+                if (id === undefined) {
+                    console.log(`Received no ID from server response ${serializedRuntimeActionResponse}`);
+                    return;
+                }
+                const request = this._requests[id];
+                if (rap.status !== "ok" && !("action" in rap)) {
                     console.warn(`[RULES] ${rap.status}: ${rap.message}`);
                     rap.errors.forEach(console.warn.bind(console));
                     return;
@@ -148,12 +156,15 @@ class StorageRulesRuntime {
         var _a;
         (_a = this._childprocess) === null || _a === void 0 ? void 0 : _a.kill("SIGINT");
     }
-    async _sendRequest(rab) {
+    async _sendRequest(rab, overrideId) {
         if (!this._childprocess) {
             throw new error_1.FirebaseError("Attempted to send Cloud Storage rules request before child was ready");
         }
-        const runtimeActionRequest = Object.assign(Object.assign({}, rab), { id: this._requestCount++ });
-        if (this._requests[runtimeActionRequest.id]) {
+        const runtimeActionRequest = Object.assign(Object.assign({}, rab), { id: overrideId !== null && overrideId !== void 0 ? overrideId : this._requestCount++ });
+        if (overrideId !== undefined) {
+            delete this._requests[overrideId];
+        }
+        else if (this._requests[runtimeActionRequest.id]) {
             throw new error_1.FirebaseError("Attempted to send Cloud Storage rules request with stale id");
         }
         return new Promise((resolve) => {
@@ -211,7 +222,14 @@ class StorageRulesRuntime {
                 variables: runtimeVariables,
             },
         };
-        const response = (await this._sendRequest(runtimeActionRequest));
+        return this._completeVerifyWithRuleset(opts.projectId, runtimeActionRequest);
+    }
+    async _completeVerifyWithRuleset(projectId, runtimeActionRequest, overrideId) {
+        const response = (await this._sendRequest(runtimeActionRequest, overrideId));
+        if ("context" in response) {
+            const dataResponse = await fetchFirestoreDocument(projectId, response);
+            return this._completeVerifyWithRuleset(projectId, dataResponse, response.server_request_id);
+        }
         if (!response.errors)
             response.errors = [];
         if (!response.warnings)
@@ -282,6 +300,23 @@ function toExpressionValue(obj) {
     }
     throw new error_1.FirebaseError(`Cannot convert "${obj}" of type ${typeof obj} for Firebase Storage rules runtime`);
 }
+async function fetchFirestoreDocument(projectId, request) {
+    const url = registry_1.EmulatorRegistry.url(types_2.Emulators.FIRESTORE);
+    const pathname = `projects/${projectId}${request.context.path}`;
+    const client = new apiv2_1.Client({
+        urlPrefix: url.toString(),
+        apiVersion: "v1",
+    });
+    try {
+        const doc = await client.get(pathname);
+        const { name, fields } = doc.body;
+        const result = { name, fields };
+        return { result, status: types_1.DataLoadStatus.OK, warnings: [], errors: [] };
+    }
+    catch (e) {
+        return { status: types_1.DataLoadStatus.NOT_FOUND, warnings: [], errors: [] };
+    }
+}
 function createAuthExpressionValue(opts) {
     if (!opts.token) {
         return toExpressionValue(null);

package/lib/emulator/storage/rules/types.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.RulesetOperationMethod = void 0;
+exports.DataLoadStatus = exports.RulesetOperationMethod = void 0;
 var RulesetOperationMethod;
 (function (RulesetOperationMethod) {
     RulesetOperationMethod["READ"] = "read";
@@ -11,3 +11,9 @@ var RulesetOperationMethod;
     RulesetOperationMethod["UPDATE"] = "update";
     RulesetOperationMethod["DELETE"] = "delete";
 })(RulesetOperationMethod = exports.RulesetOperationMethod || (exports.RulesetOperationMethod = {}));
+var DataLoadStatus;
+(function (DataLoadStatus) {
+    DataLoadStatus["OK"] = "ok";
+    DataLoadStatus["NOT_FOUND"] = "not_found";
+    DataLoadStatus["INVALID_STATE"] = "invalid_state";
+})(DataLoadStatus = exports.DataLoadStatus || (exports.DataLoadStatus = {}));

package/lib/emulator/storage/rules/utils.js

@@ -5,12 +5,13 @@ const emulatorLogger_1 = require("../../emulatorLogger");
 const types_1 = require("../../types");
 function getFirebaseRulesValidator(rulesetProvider) {
     return {
-        validate: async (path, bucketId, method, variableOverrides, authorization, delimiter) => {
+        validate: async (path, bucketId, method, variableOverrides, projectId, authorization, delimiter) => {
             return await isPermitted({
                 ruleset: rulesetProvider(bucketId),
                 file: variableOverrides,
                 path,
                 method,
+                projectId,
                 authorization,
                 delimiter,
             });
@@ -42,6 +43,7 @@ async function isPermitted(opts) {
         method: opts.method,
         path: opts.path,
         file: opts.file,
+        projectId: opts.projectId,
         token: opts.authorization ? opts.authorization.split(" ")[1] : undefined,
         delimiter: opts.delimiter,
     });

package/lib/emulator/storage/server.js

@@ -13,6 +13,12 @@ function createApp(defaultProjectId, emulator) {
     const { storageLayer } = emulator;
     const app = express();
     emulatorLogger_1.EmulatorLogger.forEmulator(types_1.Emulators.STORAGE).log("DEBUG", `Temp file directory for storage emulator: ${storageLayer.dirPath}`);
+    app.use("/", (req, res, next) => {
+        if (req.headers["access-control-request-private-network"]) {
+            res.setHeader("access-control-allow-private-network", "true");
+        }
+        next();
+    });
     app.use(cors({
         origin: true,
         exposedHeaders: [

package/lib/ensureApiEnabled.js

@@ -17,6 +17,7 @@ const apiClient = new apiv2_1.Client({
 });
 async function check(projectId, apiName, prefix, silent = false) {
     const res = await apiClient.get(`/projects/${projectId}/services/${apiName}`, {
+        headers: { "x-goog-quota-user": `projects/${projectId}` },
         skipLog: { resBody: true },
     });
     const isEnabled = res.body.state === "ENABLED";
@@ -29,6 +30,7 @@ exports.check = check;
 async function enable(projectId, apiName) {
     try {
         await apiClient.post(`/projects/${projectId}/services/${apiName}:enable`, undefined, {
+            headers: { "x-goog-quota-user": `projects/${projectId}` },
             skipLog: { resBody: true },
         });
     }