Modify RulesetProvider to take resource parameter

firebase · Mar 9, 2022 · 40af2f8 · 40af2f8
1 parent 323f382
commit 40af2f8
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 3 deletions.
diff --git a/src/emulator/storage/files.ts b/src/emulator/storage/files.ts
@@ -185,6 +185,7 @@ export class StorageLayer {
     if (!authorized) {
       authorized = await this._validator.validate(
         ["b", request.bucketId, "o", request.decodedObjectId].join("/"),
+        request.bucketId,
         RulesetOperationMethod.GET,
         { before: metadata?.asRulesResource() },
         request.authorization
@@ -309,6 +310,7 @@ export class StorageLayer {
       skipAuth ||
       (await this._validator.validate(
         ["b", upload.bucketId, "o", upload.objectId].join("/"),
+        upload.bucketId,
         RulesetOperationMethod.CREATE,
         { after: metadata?.asRulesResource() },
         upload.authorization

diff --git a/src/emulator/storage/index.ts b/src/emulator/storage/index.ts
@@ -45,7 +45,7 @@ export class StorageEmulator implements EmulatorInstance {
     this._persistence = new Persistence(this.getPersistenceTmpDir());
     this._storageLayer = new StorageLayer(
       args.projectId,
-      getRulesValidator(() => this.getRules("default")), // TODO(hsinpei): Fix
+      getRulesValidator((resource: string) => this.getRules(resource)),
       this._persistence
     );
     this._uploadService = new UploadService(this._persistence);

diff --git a/src/emulator/storage/rules/utils.ts b/src/emulator/storage/rules/utils.ts
@@ -13,14 +13,15 @@ export type RulesVariableOverrides = {
 export interface RulesValidator {
   validate(
     path: string,
+    bucketId: string,
     method: RulesetOperationMethod,
     variableOverrides: RulesVariableOverrides,
     authorization?: string
   ): Promise<boolean>;
 }
 
 /** Provider for Storage security rules. */
-export type RulesetProvider = () => StorageRulesetInstance | undefined;
+export type RulesetProvider = (resource: string) => StorageRulesetInstance | undefined;
 
 /**
  * Returns a {@link RulesValidator} that pulls a Ruleset from a
@@ -30,12 +31,13 @@ export function getRulesValidator(rulesetProvider: RulesetProvider): RulesValida
   return {
     validate: async (
       path: string,
+      bucketId: string,
       method: RulesetOperationMethod,
       variableOverrides: RulesVariableOverrides,
       authorization?: string
     ) => {
       return await isPermitted({
-        ruleset: rulesetProvider(),
+        ruleset: rulesetProvider(bucketId),
         file: variableOverrides,
         path,
         method,