10

Is there a way to split Firestore Security Rules (firestore.rules) into separate / multiple files?

I would like to do a structure like so:

index.rules // imports all the rules
users.rules
posts.rules
comments.rules
helperFunctions.rules
// ... and so on

My firestore.rules file is getting quite big and this would make working with it much, much easier.

Frank van Puffelen
  • 565,676
  • 79
  • 828
  • 807
Pascal
  • 1,661
  • 17
  • 29
  • This is something the Firestore team hopes to provide with proper tooling. Please file a feature request to let them know it's important to you. http://firebase.google.com/support/contact/bugs-features – Doug Stevenson Jan 20 '19 at 16:50
  • Done, thanks Doug. – Pascal Jan 20 '19 at 17:20

2 Answers2

6

Unfortunately, I don't think it's possible at this time out of the box. However, I'm with you 100% with this issue.

There may be a rough workaround using npm (or whatever cli tool). Following this answer, you may be able to have a head, multiple inserts, and a foot. If you're able to find all files matching a pattern, you can concat them to the head, then concat the foot, ultimately naming this file firestore.rules.

  • 1
    Thanks a lot for this inspiration! As you can see in my answer below I quickly wrote a Node.js module to test out your idea. Would be great to have your opinion on it :) – Pascal Jan 20 '19 at 16:42
  • 1
    Marked this as definitive answer since this answered the question, thanks! Above, Doug now additionally confirmed that there is no official option at this point. – Pascal Jan 20 '19 at 17:04
4

OneLunch Man's answer inspired me to sit down and write a small Node.js module that shall make live easier organizing your Firestore rules:

https://github.com/lupas/firestore-rulez

As @OneLunch Man proposed above, this combines the different files into one single firestore.rules file. Additionally, and if configured, it adds some helper functions that you don't have to define yourself.

Hope it helps someone :)

I love the simplicity of security rules, though I hope organizing them will be even easier in the near future. But I'm very sure it will, right Frank? ;-)

Btw: I'll leave the question unanswered, maybe there's even better solutions?

Pascal
  • 1,661
  • 17
  • 29
  • I really like that repo- don't mind if I borrow it in the near future ;) –  Jan 20 '19 at 18:14
  • This method could possibly be updated as well in the firestore tools. https://github.com/firebase/firebase-tools/blob/master/src/deploy/firestore/prepare.js#L10-L22 I may end up taking a crack at making the feature request and the PoC PR, unless you're more motivated to do so! I think that the line `var rulesFile = options.config.get("firestore.rules");` could be checked with `Array.isArray`. If it is, file concat could happen there. This way, firebase.json > firestore > rules could be a single file or an array of files in their concat order. Thoughts? –  Jan 20 '19 at 18:26
  • go ahead :) I'd image though that the official version would prefer an approach where one could define @imports within files, rather than the "hacky" concut way that just combines single files. that way they could also make it available in the console (UI) one day e.g.. Btw: feature request is created at Firebase's. – Pascal Jan 22 '19 at 08:04
  • Very good point- I'll start hunting for a more steady way- do you have a link to the request? Also, been using the util, it works great!! Thanks again :) –  Jan 22 '19 at 11:44
  • Didn't get a link, not sure if they're even publicly available. Glad to hear that, feel free to add some helper functions if you're missing any! – Pascal Jan 22 '19 at 11:57
  • Will do! As a side note- when I first used it I thought it didn't work since I've been living in firebase/angular/flutter for a while. It built instantly....! –  Jan 22 '19 at 11:59
  • 1
    Thanks for the feedback! I added a success message and published it in v0.0.9. let's not spam stackoverflow for that kinda stuff, let me know in the issues of the repo on github if you find anything else I could add to that module :) – Pascal Jan 22 '19 at 12:29