-
Notifications
You must be signed in to change notification settings - Fork 919
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
init
should not change database security rules
#134
Comments
init
should not change database security rules
Hmm, this is a bit of a pickle. We're trying to sever the project-specific parts of What do you think? |
I think if my Firebase has non-default security rules, then cli should consider it already initialized. I think it can be like git merge. Which ever side has non-default rules, wins. If both sides have non-default non-matching rules, then a conflict is the right behavior. In case of a conflict, cli can ask use to take either remote or local rules. This is what I can think off of the top of my head. |
Hey @mbleigh, I think by default Sounds great to prompt to download your existing rules by It would be awesome to have a rollback feature for rules that have been set/configure by the CLI. |
@jobsamuel great ideas here! Could you submit the rollback feature as a separate request? |
Done @katowulf 😎 |
Also note that that the database rules get overwritten even if you choose "hosting" when doing a "firebase init". So you can wipe out your handwritten rules for the database side of your project just by configuring hosting. This bug wiped out hundreds of lines of custom rules for us. It isn't clear to me how to safely set up a new developer machine using the firebase CLI tools in a way that is assured not to bash an existing configuration. Maybe something like "firebase pull" that would copy an existing config to a local dir. |
The pull request has now been merged into Master (see above). @tamalsaha let me know if this addresses concerns that you have, and whether there are unresolved concerns that would warrant another issue. |
I have an existing Firebase app that I upgraded to the new console. Then in an empty folder I ran
firebase init
and completed the prompts. In the end, I get a database.rules.json file with globally read-write enable rules.{ ".read": true, ".write": true }
But I actually have configured more restrictive security rules from the old console. Those rules are still present in the new console. I think the
init
command should use existing security rules for an app. Please look into this.Thanks.
The text was updated successfully, but these errors were encountered: