即使使用锁定,Firebase 规则测试也未通过
Firebase rules test does not pass even when using lockdown
我正在尝试测试我的 firebase 规则,但即使我使用锁定模式,它们似乎也没有通过。我遵循了 https://firebase.google.com/docs/firestore/security/test-rules-emulator
的指南
const firebase = require('@firebase/rules-unit-testing');
const fs = require('fs');
const projectId = 'test-judge';
function getAuthedFirestore(auth) {
return firebase.initializeAdminApp({
projectId: projectId,
auth: auth
}).firestore();
}
beforeEach(async () => {
await firebase.clearFirestoreData({ projectId });
});
before(async () => {
const rules = fs.readFileSync('firestore.rules', 'utf8');
await firebase.loadFirestoreRules({
projectId: projectId,
rules: rules
});
});
after(async () => {
await Promise.all(firebase.apps().map(app => app.delete()));
});
describe('locked down', () => {
it("require users to log in before creating a profile", async () => {
const db = getAuthedFirestore(null);
const profile = db.collection("users").doc("alice");
await firebase.assertFails(profile.set({ birthday: "January 1" }));
});
});
这是我的 firebase.json
{
"firestore": {
"rules": "firestore.rules",
"indexes": "firestore.indexes.json"
}
}
和我的package.json
{
"devDependencies": {
"firebase-admin": "^9.11.0",
"@firebase/app": "^0.6.29",
"@firebase/rules-unit-testing": "^1.3.12",
"mocha": "^9.0.3",
"fs-extra": "^10.0.0"
},
"scripts": {
"test": "mocha"
}
}
这里是firestore.rules
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if false;
}
}
}
在我看来我做错了什么,但如果我 运行 npm test 测试失败。我希望它通过,因为使用 asserFails 并且在规则中我 return false
我应该无法设置测试应该通过的值
这是我的输出
Warning: FIRESTORE_EMULATOR_HOST not set, using default value localhost:8080
locked down
1) require users to log in before creating a profile
0 passing (324ms)
1 failing
1) locked down
require users to log in before creating a profile:
Error: Expected request to fail, but it succeeded.
at C:\Users\Moneer\Desktop\judge_rules\node_modules\@firebase\rules-unit-testing\dist\index.cjs.js:581:31
at async Context.<anonymous> (test\test.js:33:9)
npm ERR! Test failed. See above for more details.
这是预期的行为,安全规则可以保护您的后端服务免受恶意客户端请求的侵害。 “AdminApp”与 Admin-SDK 有关,Admin-SDK 是一种服务工具,直接在安全规则后面与 Firebase 服务交互。
作为参考,您会注意到 Admin-SDK 通常需要服务帐户凭据,这样 SDK 才能通过 GCP IAM 服务进行身份验证
刚刚意识到我应该使用 initializeTestApp 而不是 initializeAdminApp
我正在尝试测试我的 firebase 规则,但即使我使用锁定模式,它们似乎也没有通过。我遵循了 https://firebase.google.com/docs/firestore/security/test-rules-emulator
的指南const firebase = require('@firebase/rules-unit-testing');
const fs = require('fs');
const projectId = 'test-judge';
function getAuthedFirestore(auth) {
return firebase.initializeAdminApp({
projectId: projectId,
auth: auth
}).firestore();
}
beforeEach(async () => {
await firebase.clearFirestoreData({ projectId });
});
before(async () => {
const rules = fs.readFileSync('firestore.rules', 'utf8');
await firebase.loadFirestoreRules({
projectId: projectId,
rules: rules
});
});
after(async () => {
await Promise.all(firebase.apps().map(app => app.delete()));
});
describe('locked down', () => {
it("require users to log in before creating a profile", async () => {
const db = getAuthedFirestore(null);
const profile = db.collection("users").doc("alice");
await firebase.assertFails(profile.set({ birthday: "January 1" }));
});
});
这是我的 firebase.json
{
"firestore": {
"rules": "firestore.rules",
"indexes": "firestore.indexes.json"
}
}
和我的package.json
{
"devDependencies": {
"firebase-admin": "^9.11.0",
"@firebase/app": "^0.6.29",
"@firebase/rules-unit-testing": "^1.3.12",
"mocha": "^9.0.3",
"fs-extra": "^10.0.0"
},
"scripts": {
"test": "mocha"
}
}
这里是firestore.rules
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if false;
}
}
}
在我看来我做错了什么,但如果我 运行 npm test 测试失败。我希望它通过,因为使用 asserFails 并且在规则中我 return false
我应该无法设置测试应该通过的值
这是我的输出
Warning: FIRESTORE_EMULATOR_HOST not set, using default value localhost:8080
locked down
1) require users to log in before creating a profile
0 passing (324ms)
1 failing
1) locked down
require users to log in before creating a profile:
Error: Expected request to fail, but it succeeded.
at C:\Users\Moneer\Desktop\judge_rules\node_modules\@firebase\rules-unit-testing\dist\index.cjs.js:581:31
at async Context.<anonymous> (test\test.js:33:9)
npm ERR! Test failed. See above for more details.
这是预期的行为,安全规则可以保护您的后端服务免受恶意客户端请求的侵害。 “AdminApp”与 Admin-SDK 有关,Admin-SDK 是一种服务工具,直接在安全规则后面与 Firebase 服务交互。
作为参考,您会注意到 Admin-SDK 通常需要服务帐户凭据,这样 SDK 才能通过 GCP IAM 服务进行身份验证
刚刚意识到我应该使用 initializeTestApp 而不是 initializeAdminApp