fix: authenticate as admin user when ssl:false is set#1095
fix: authenticate as admin user when ssl:false is set#1095schmidt-sebastian merged 1 commit intogoogleapis:masterfrom
Conversation
googlebot
added
the
cla: yes
yuchenshi
force-pushed
the
patch-1
branch
2 times, most recently
from
8b2a4bd to
47a2623
Compare
schmidt-sebastian
left a comment
schmidt-sebastian
left a comment
There was a problem hiding this comment.
Please verify that it is already not possible to connect to a Firestore backend with grpc.credentials.createInsecure() before merging.
schmidt-sebastian
left a comment
schmidt-sebastian
left a comment
There was a problem hiding this comment.
Oh, one more thing: Before merging, you need to update your PR title as it will be used to generate release notes. Something like:
fix: authenticate as admin user when ssl:false is set
This fixes firebase/firebase-js-sdk#3105 (comment). Before this change, `db.settings({..., ssl: false})` will connect but without any credentials (similar to a client device that is not logged in), which causes Firestore Emulator to evaluate security rules for requests. This is surprising for an Admin SDK and it is extremely hard to troubleshoot. After this change, the same code should correctly behave like admin. This also provides one additional way to get admin privileges in the Firestore Emulator if for some reasons the environment variables is not viable / desirable.
yuchenshi
changed the title
Done. |
Verified that https://grpc.github.io/grpc/node/grpc.credentials.html#.createInsecure also drops all credentials and cannot be combined with other credentials. |
schmidt-sebastian
added
the
kokoro:force-run
yoshi-kokoro
removed
the
kokoro:force-run
|
This change somehow broke the |
5 participants
This fixes firebase/firebase-js-sdk#3105 (comment).
Before this change,
db.settings({..., ssl: false})will connect but without any credentials (similar to a client device that is not logged in), which causes Firestore Emulator to evaluate security rules for requests. This is surprising for an Admin SDK and it is extremely hard to troubleshoot.After this change, the same code should correctly behave like admin. This also provides one additional way to get admin privileges in the Firestore Emulator if for some reasons the environment variables is not viable / desirable.