firestore-validate-rules

Overview

The firestore-validate-rules tool validates Firestore security rules syntax and semantic correctness without deploying them. It provides detailed error reporting with source positions and code snippets.

Configuration

tools:
  firestore-validate-rules:
    kind: firestore-validate-rules
    source: <firestore-source-name>
    description: "Checks the provided Firestore Rules source for syntax and validation errors"

Authentication

This tool requires authentication if the source requires authentication.

Parameters

Parameter	Type	Required	Description
source	string	Yes	The Firestore Rules source code to validate

Response

The tool returns a ValidationResult object containing:

{
  "valid": boolean,           // Whether the rules are valid
  "issueCount": number,       // Number of issues found
  "formattedIssues": string,  // Human-readable formatted issues
  "rawIssues": [              // Array of raw issue objects
    {
      "sourcePosition": {
        "fileName": string,
        "line": number,
        "column": number,
        "currentOffset": number,
        "endOffset": number
      },
      "description": string,
      "severity": string      // e.g., "ERROR", "WARNING"
    }
  ]
}

Example Usage

Validate simple rules

{
  "source": "rules_version = '2';\nservice cloud.firestore {\n  match /databases/{database}/documents {\n    match /{document=**} {\n      allow read, write: if true;\n    }\n  }\n}"
}

Example response for valid rules

{
  "valid": true,
  "issueCount": 0,
  "formattedIssues": "✓ No errors detected. Rules are valid."
}

Example response with errors

{
  "valid": false,
  "issueCount": 1,
  "formattedIssues": "Found 1 issue(s) in rules source:\n\nERROR: Unexpected token ';' [Ln 4, Col 32]\n```\n      allow read, write: if true;;\n                               ^\n```",
  "rawIssues": [
    {
      "sourcePosition": {
        "line": 4,
        "column": 32,
        "currentOffset": 105,
        "endOffset": 106
      },
      "description": "Unexpected token ';'",
      "severity": "ERROR"
    }
  ]
}

Error Handling

The tool will return errors for:

Missing or empty source parameter
API errors when calling the Firebase Rules service
Network connectivity issues

Use Cases

Pre-deployment validation: Validate rules before deploying to production
CI/CD integration: Integrate rules validation into your build pipeline
Development workflow: Quickly check rules syntax while developing
Error debugging: Get detailed error locations with code snippets

firestore-get-rules: Retrieve current active rules
firestore-query-collection: Test rules by querying collections