Modify RulesetProvider to take resource parameter

src/emulator/storage/apis/firebase.ts

@@ -491,9 +491,7 @@ export function createFirebaseEndpoints(emulator: StorageEmulator): Router {
       authorization: req.header("authorization"),
       file: rulesFiles,
     });
-    if (
-      !(permitted)
-    ) {
+    if (!permitted) {
       return res.status(403).json({
         error: {
           code: 403,

src/emulator/storage/files.ts

@@ -185,6 +185,7 @@ export class StorageLayer {
     if (!authorized) {
       authorized = await this._validator.validate(
         ["b", request.bucketId, "o", request.decodedObjectId].join("/"),
+        request.bucketId,
         RulesetOperationMethod.GET,
         { before: metadata?.asRulesResource() },
         request.authorization
@@ -309,6 +310,7 @@ export class StorageLayer {
       skipAuth ||
       (await this._validator.validate(
         ["b", upload.bucketId, "o", upload.objectId].join("/"),
+        upload.bucketId,
         RulesetOperationMethod.CREATE,
         { after: metadata?.asRulesResource() },
         upload.authorization

src/emulator/storage/index.ts

@@ -45,7 +45,7 @@ export class StorageEmulator implements EmulatorInstance {
     this._persistence = new Persistence(this.getPersistenceTmpDir());
     this._storageLayer = new StorageLayer(
       args.projectId,
-      getRulesValidator(() => this.getRules("default")), // TODO(hsinpei): Fix
+      getRulesValidator((resource: string) => this.getRules(resource)),
       this._persistence
     );
     this._uploadService = new UploadService(this._persistence);

src/emulator/storage/rules/manager.ts

@@ -6,9 +6,9 @@ import { StorageRulesIssues, StorageRulesRuntime, StorageRulesetInstance } from
 import { readFile } from "../../../fsutils";
 import { RulesConfig, RulesType } from "..";
 
-/** 
+/**
  * Keeps track of the rules source file and maintains a generated ruleset for one or more storage
- * resources. 
+ * resources.
  * */
 export interface StorageRulesManager {
   /** Sets source file for each resource using the rules previously passed in the constructor. */

src/emulator/storage/rules/utils.ts

@@ -13,14 +13,15 @@ export type RulesVariableOverrides = {
 export interface RulesValidator {
   validate(
     path: string,
+    bucketId: string,
     method: RulesetOperationMethod,
     variableOverrides: RulesVariableOverrides,
     authorization?: string
   ): Promise<boolean>;
 }
 
 /** Provider for Storage security rules. */
-export type RulesetProvider = () => StorageRulesetInstance | undefined;
+export type RulesetProvider = (resource: string) => StorageRulesetInstance | undefined;
 
 /**
  * Returns a {@link RulesValidator} that pulls a Ruleset from a
@@ -30,12 +31,13 @@ export function getRulesValidator(rulesetProvider: RulesetProvider): RulesValida
   return {
     validate: async (
       path: string,
+      bucketId: string,
       method: RulesetOperationMethod,
       variableOverrides: RulesVariableOverrides,
       authorization?: string
     ) => {
       return await isPermitted({
-        ruleset: rulesetProvider(),
+        ruleset: rulesetProvider(bucketId),
         file: variableOverrides,
         path,
         method,

src/test/emulators/storage/rules/manager.spec.ts

@@ -30,7 +30,7 @@ describe("Storage Rules Manager", function () {
     await rulesManager.close();
   });
 
-  it("should load multiple rulesets on start", async () => {
+  it("should load multiple rulesets on start", () => {
     expect(rulesManager.getRuleset("bucket_1")).not.to.be.undefined;
     expect(rulesManager.getRuleset("bucket_2")).not.to.be.undefined;
   });