New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
blaze_compiler
Advanced tools
blaze_compiler - npm Package Compare versions
Comparing version 0.0.25 to 0.0.26
| { | ||
| "name": "blaze_compiler", | ||
| "version": "0.0.25", | ||
| "version": "0.0.26", | ||
| "description": "Transpiles extendable, schema orientated definitions into Firebase security rules", | ||
@@ -5,0 +5,0 @@ "author": "Tom Larkworthy", |
@@ -16,4 +16,4 @@ # Blaze Security Compiler for Firebase | ||
| functions: | ||
| - isLoggedIn(): auth.id !== null | ||
| - isLoggedIn(): auth.uid !== null | ||
| schema: {} | ||
@@ -385,2 +385,5 @@ | ||
| ## Changelog | ||
| - 10th April 2015: | ||
| - fixed erroneous substitution of parameters into member expressions | ||
| - 12th Jan 2015: | ||
@@ -387,0 +390,0 @@ - improved messaging if blah.child('name') syntax is erroneously used |
@@ -5,54 +5,12 @@ { | ||
| ".read":"false", | ||
| "users": { | ||
| "$workspace_id": { | ||
| ".write":"false", | ||
| ".read":"false", | ||
| "$userid": { | ||
| ".write":"(false)", | ||
| ".read":"($userid===auth.username)", | ||
| "inbox": { | ||
| ".write":"(false)", | ||
| ".read":"(($userid===auth.username))", | ||
| "$message": { | ||
| ".write":"(((!newData.parent().parent().parent().parent().exists()||!(((newData.parent().parent().parent().parent().isString()||newData.parent().parent().parent().parent().isNumber()||newData.parent().parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().parent().exists()||!(((newData.parent().parent().parent().isString()||newData.parent().parent().parent().isNumber()||newData.parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().exists()||!(((newData.parent().parent().isString()||newData.parent().parent().isNumber()||newData.parent().parent().isBoolean()))))&&(!newData.parent().exists()||!(((newData.parent().isString()||newData.parent().isNumber()||newData.parent().isBoolean()))))&&(!newData.exists()||!(((newData.isString()||newData.isNumber()||newData.isBoolean()))))&&(newData.val()==null||newData.child('from').exists()&&newData.child('to').exists()&&newData.child('message').exists())&&(auth.username==newData.child('from').val()&&newData.child('from').exists()&&!data.child('from').exists()||$userid===auth.username&&data.child('from').exists()&&!newData.child('from').exists())&&(!newData.child('from').exists()||newData.child('from').isString())&&(newData.child('to').exists()&&!data.child('to').exists()||data.child('to').exists()&&!newData.child('to').exists())&&(!newData.child('to').exists()||newData.child('to').isString())&&(newData.child('message').exists()&&!data.child('message').exists()||data.child('message').exists()&&!newData.child('message').exists())&&(!newData.child('message').exists()||newData.child('message').isString())&&(newData.parent().exists()&&!data.parent().exists()&&auth.username!==null||data.parent().exists()&&!newData.parent().exists()&&$userid===auth.username)))", | ||
| ".read":"(($userid===auth.username))", | ||
| "from": { | ||
| ".write":"(((!newData.parent().parent().parent().parent().parent().exists()||!(((newData.parent().parent().parent().parent().parent().isString()||newData.parent().parent().parent().parent().parent().isNumber()||newData.parent().parent().parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().parent().parent().exists()||!(((newData.parent().parent().parent().parent().isString()||newData.parent().parent().parent().parent().isNumber()||newData.parent().parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().parent().exists()||!(((newData.parent().parent().parent().isString()||newData.parent().parent().parent().isNumber()||newData.parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().exists()||!(((newData.parent().parent().isString()||newData.parent().parent().isNumber()||newData.parent().parent().isBoolean()))))&&(!newData.parent().exists()||!(((newData.parent().isString()||newData.parent().isNumber()||newData.parent().isBoolean()))))&&(newData.parent().val()==null||newData.parent().child('from').exists()&&newData.parent().child('to').exists()&&newData.parent().child('message').exists())&&(auth.username==newData.val()&&newData.exists()&&!data.exists()||$userid===auth.username&&data.exists()&&!newData.exists())&&(!newData.exists()||newData.isString())&&(newData.parent().parent().exists()&&!data.parent().parent().exists()&&auth.username!==null||data.parent().parent().exists()&&!newData.parent().parent().exists()&&$userid===auth.username)))", | ||
| ".read":"(($userid===auth.username))" | ||
| }, | ||
| "to": { | ||
| ".write":"(((!newData.parent().parent().parent().parent().parent().exists()||!(((newData.parent().parent().parent().parent().parent().isString()||newData.parent().parent().parent().parent().parent().isNumber()||newData.parent().parent().parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().parent().parent().exists()||!(((newData.parent().parent().parent().parent().isString()||newData.parent().parent().parent().parent().isNumber()||newData.parent().parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().parent().exists()||!(((newData.parent().parent().parent().isString()||newData.parent().parent().parent().isNumber()||newData.parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().exists()||!(((newData.parent().parent().isString()||newData.parent().parent().isNumber()||newData.parent().parent().isBoolean()))))&&(!newData.parent().exists()||!(((newData.parent().isString()||newData.parent().isNumber()||newData.parent().isBoolean()))))&&(newData.parent().val()==null||newData.parent().child('from').exists()&&newData.parent().child('to').exists()&&newData.parent().child('message').exists())&&(newData.exists()&&!data.exists()||data.exists()&&!newData.exists())&&(!newData.exists()||newData.isString())&&(newData.parent().parent().exists()&&!data.parent().parent().exists()&&auth.username!==null||data.parent().parent().exists()&&!newData.parent().parent().exists()&&$userid===auth.username)))", | ||
| ".read":"(($userid===auth.username))" | ||
| }, | ||
| "message": { | ||
| ".write":"(((!newData.parent().parent().parent().parent().parent().exists()||!(((newData.parent().parent().parent().parent().parent().isString()||newData.parent().parent().parent().parent().parent().isNumber()||newData.parent().parent().parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().parent().parent().exists()||!(((newData.parent().parent().parent().parent().isString()||newData.parent().parent().parent().parent().isNumber()||newData.parent().parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().parent().exists()||!(((newData.parent().parent().parent().isString()||newData.parent().parent().parent().isNumber()||newData.parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().exists()||!(((newData.parent().parent().isString()||newData.parent().parent().isNumber()||newData.parent().parent().isBoolean()))))&&(!newData.parent().exists()||!(((newData.parent().isString()||newData.parent().isNumber()||newData.parent().isBoolean()))))&&(newData.parent().val()==null||newData.parent().child('from').exists()&&newData.parent().child('to').exists()&&newData.parent().child('message').exists())&&(newData.exists()&&!data.exists()||data.exists()&&!newData.exists())&&(!newData.exists()||newData.isString())&&(newData.parent().parent().exists()&&!data.parent().parent().exists()&&auth.username!==null||data.parent().parent().exists()&&!newData.parent().parent().exists()&&$userid===auth.username)))", | ||
| ".read":"(($userid===auth.username))" | ||
| }, | ||
| "$other":{".validate":"false"} | ||
| } | ||
| }, | ||
| "outbox": { | ||
| ".write":"(false)", | ||
| ".read":"(($userid===auth.username))", | ||
| "$message": { | ||
| ".write":"(((!newData.parent().parent().parent().parent().exists()||!(((newData.parent().parent().parent().parent().isString()||newData.parent().parent().parent().parent().isNumber()||newData.parent().parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().parent().exists()||!(((newData.parent().parent().parent().isString()||newData.parent().parent().parent().isNumber()||newData.parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().exists()||!(((newData.parent().parent().isString()||newData.parent().parent().isNumber()||newData.parent().parent().isBoolean()))))&&(!newData.parent().exists()||!(((newData.parent().isString()||newData.parent().isNumber()||newData.parent().isBoolean()))))&&(!newData.exists()||!(((newData.isString()||newData.isNumber()||newData.isBoolean()))))&&(newData.val()==null||newData.child('from').exists()&&newData.child('to').exists()&&newData.child('message').exists())&&(auth.username==newData.child('from').val()&&newData.child('from').exists()&&!data.child('from').exists()||$userid===auth.username&&data.child('from').exists()&&!newData.child('from').exists())&&(!newData.child('from').exists()||newData.child('from').isString())&&(newData.child('to').exists()&&!data.child('to').exists()||data.child('to').exists()&&!newData.child('to').exists())&&(!newData.child('to').exists()||newData.child('to').isString())&&(newData.child('message').exists()&&!data.child('message').exists()||data.child('message').exists()&&!newData.child('message').exists())&&(!newData.child('message').exists()||newData.child('message').isString())))", | ||
| ".read":"(($userid===auth.username))", | ||
| "from": { | ||
| ".write":"(((!newData.parent().parent().parent().parent().parent().exists()||!(((newData.parent().parent().parent().parent().parent().isString()||newData.parent().parent().parent().parent().parent().isNumber()||newData.parent().parent().parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().parent().parent().exists()||!(((newData.parent().parent().parent().parent().isString()||newData.parent().parent().parent().parent().isNumber()||newData.parent().parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().parent().exists()||!(((newData.parent().parent().parent().isString()||newData.parent().parent().parent().isNumber()||newData.parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().exists()||!(((newData.parent().parent().isString()||newData.parent().parent().isNumber()||newData.parent().parent().isBoolean()))))&&(!newData.parent().exists()||!(((newData.parent().isString()||newData.parent().isNumber()||newData.parent().isBoolean()))))&&(newData.parent().val()==null||newData.parent().child('from').exists()&&newData.parent().child('to').exists()&&newData.parent().child('message').exists())&&(auth.username==newData.val()&&newData.exists()&&!data.exists()||$userid===auth.username&&data.exists()&&!newData.exists())&&(!newData.exists()||newData.isString())))", | ||
| ".read":"(($userid===auth.username))" | ||
| }, | ||
| "to": { | ||
| ".write":"(((!newData.parent().parent().parent().parent().parent().exists()||!(((newData.parent().parent().parent().parent().parent().isString()||newData.parent().parent().parent().parent().parent().isNumber()||newData.parent().parent().parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().parent().parent().exists()||!(((newData.parent().parent().parent().parent().isString()||newData.parent().parent().parent().parent().isNumber()||newData.parent().parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().parent().exists()||!(((newData.parent().parent().parent().isString()||newData.parent().parent().parent().isNumber()||newData.parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().exists()||!(((newData.parent().parent().isString()||newData.parent().parent().isNumber()||newData.parent().parent().isBoolean()))))&&(!newData.parent().exists()||!(((newData.parent().isString()||newData.parent().isNumber()||newData.parent().isBoolean()))))&&(newData.parent().val()==null||newData.parent().child('from').exists()&&newData.parent().child('to').exists()&&newData.parent().child('message').exists())&&(newData.exists()&&!data.exists()||data.exists()&&!newData.exists())&&(!newData.exists()||newData.isString())))", | ||
| ".read":"(($userid===auth.username))" | ||
| }, | ||
| "message": { | ||
| ".write":"(((!newData.parent().parent().parent().parent().parent().exists()||!(((newData.parent().parent().parent().parent().parent().isString()||newData.parent().parent().parent().parent().parent().isNumber()||newData.parent().parent().parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().parent().parent().exists()||!(((newData.parent().parent().parent().parent().isString()||newData.parent().parent().parent().parent().isNumber()||newData.parent().parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().parent().exists()||!(((newData.parent().parent().parent().isString()||newData.parent().parent().parent().isNumber()||newData.parent().parent().parent().isBoolean()))))&&(!newData.parent().parent().exists()||!(((newData.parent().parent().isString()||newData.parent().parent().isNumber()||newData.parent().parent().isBoolean()))))&&(!newData.parent().exists()||!(((newData.parent().isString()||newData.parent().isNumber()||newData.parent().isBoolean()))))&&(newData.parent().val()==null||newData.parent().child('from').exists()&&newData.parent().child('to').exists()&&newData.parent().child('message').exists())&&(newData.exists()&&!data.exists()||data.exists()&&!newData.exists())&&(!newData.exists()||newData.isString())))", | ||
| ".read":"(($userid===auth.username))" | ||
| }, | ||
| "$other":{".validate":"false"} | ||
| } | ||
| } | ||
| "$user_id": { | ||
| ".write":"((root.child('/rels/workspaces/users/').child($workspace_id).child(auth.id).child('role').val()=='administrator'))", | ||
| ".validate":"((root.child('/rels/workspaces/users/').child($workspace_id).child(auth.id).child('role').val()=='administrator'))", | ||
| ".read":"false" | ||
| } | ||
| }, | ||
| "$other":{".validate":"false"} | ||
| } | ||
| } | ||
| } |
@@ -167,3 +167,7 @@ require('source-map-support').install(); | ||
| if (node.type == "Identifier") { | ||
| if (node.name == "next") { | ||
| if (node.name == "data") { | ||
| node.expr_type = "rule"; | ||
| } else if (node.name == "newData") { | ||
| node.expr_type = "rule"; | ||
| } else if (node.name == "next") { | ||
| node.update("newData"); | ||
@@ -183,4 +187,6 @@ node.expr_type = "rule"; | ||
| } else if (symbols.variables[node.name]) { | ||
| var label = node.name; | ||
| node.update(symbols.variables[node.name].source()); | ||
| node.expr_type = symbols.variables[node.name].expr_type; | ||
| node.label = label; | ||
| } | ||
@@ -196,2 +202,4 @@ } else if (node.type == "Literal") { | ||
| } else if (node.type == "MemberExpression") { | ||
| console.log("MemberExpression:", node); | ||
| if (node.object.expr_type == "rule") { | ||
@@ -225,3 +233,7 @@ node.expr_type = null; | ||
| } else if (node.property.expr_type == 'value') { | ||
| node.update(node.object.source() + ".child(" + node.property.source() + ")"); | ||
| if (node.property.label && !isArraySyntaxMemberExpression(node)) { | ||
| node.update(node.object.source() + ".child('" + node.property.label + "')"); | ||
| } else { | ||
| node.update(node.object.source() + ".child(" + node.property.source() + ")"); | ||
| } | ||
| node.expr_type = "rule"; | ||
@@ -331,2 +343,6 @@ } else { | ||
| exports.Expression = Expression; | ||
| function isArraySyntaxMemberExpression(node) { | ||
| return node.source().slice(node.object.source().length).trim().charAt(0) == '['; | ||
| } | ||
| //# sourceMappingURL=expression.js.map |
@@ -207,3 +207,3 @@ /// <reference path="../types/node.d.ts" /> | ||
| //console.log("identifier: ", node.name); | ||
| /* | ||
| if(node.name == "data"){ | ||
@@ -213,3 +213,3 @@ node.expr_type = "rule" | ||
| node.expr_type = "rule" | ||
| }else*/ if(node.name == "next"){ | ||
| }else if(node.name == "next"){ | ||
| node.update("newData"); | ||
@@ -229,4 +229,6 @@ node.expr_type = "rule" | ||
| }else if(symbols.variables[node.name]){ | ||
| var label = node.name; | ||
| node.update(symbols.variables[node.name].source()); | ||
| node.expr_type = symbols.variables[node.name].expr_type | ||
| node.label = label; | ||
| } | ||
@@ -245,5 +247,4 @@ | ||
| //node.state = new C_VAL(node.value, mem); | ||
| }else if(node.type == "MemberExpression"){ | ||
| //console.log("MemberExpression:", node); | ||
| console.log("MemberExpression:", node); | ||
@@ -294,3 +295,11 @@ //if the object is a type (rules, map or value) it unlocks different valid properties | ||
| //not recognised member, so it must be an implicit child relation (without quotes in child) | ||
| node.update(node.object.source() + ".child(" + node.property.source() + ")"); | ||
| if (node.property.label && !isArraySyntaxMemberExpression(node)) { | ||
| //data.a should stay as property.a, we don't want to use variable substitution in the property | ||
| //so we use the orginal label | ||
| node.update(node.object.source() + ".child('" + node.property.label + "')"); | ||
| } else { | ||
| //data[a] should stay as property.a, we don;t want to use variable substitution in the property | ||
| //so we use the orginal label | ||
| node.update(node.object.source() + ".child(" + node.property.source() + ")"); | ||
| } | ||
| node.expr_type = "rule" | ||
@@ -406,2 +415,10 @@ | ||
| } | ||
| } | ||
| /** | ||
| * figures out whether this is data.a or data[a] syntax | ||
| * @param node | ||
| */ | ||
| function isArraySyntaxMemberExpression (node): boolean { | ||
| return node.source().slice(node.object.source().length).trim().charAt(0) == '['; | ||
| } |
@@ -9,3 +9,3 @@ var fs = require("fs"); | ||
| function run() { | ||
| console.log("working?", checkScenario("./test/scenarios/parent2.yaml")); | ||
| console.log("working?", checkScenario("./test/scenarios/function6.yaml")); | ||
| } | ||
@@ -12,0 +12,0 @@ |
@@ -15,3 +15,3 @@ /// <reference path="../types/nodeunit.d.ts" /> | ||
| //called if this file is run, used to enable runtime debugging | ||
| console.log("working?", checkScenario("./test/scenarios/parent2.yaml")) | ||
| console.log("working?", checkScenario("./test/scenarios/function6.yaml")) | ||
| } | ||
@@ -18,0 +18,0 @@ |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
No alert changes
Improved metrics
- Total package byte prevSize
- increased by12.63%
568021
- Number of package files
- increased by7.94%
136
- Lines of code
- increased by15.02%
6990
- Number of lines in readme file
- increased by0.7%
433
Worsened metrics
- Number of low supply chain risk alerts
- increased by16.67%
7
No dependency changes