firebase · hsubox76 · Jul 18, 2023 · Jul 13, 2023 · Jul 14, 2023 · Jul 14, 2023
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,4 @@
 - Fixed bug where `functions:secrets:set` didn't remove stale versions of a secret. (#6080)
 - Fixed bug where `firebase deploy --only firestore:named-db` didn't update rules. (#6129)
 - Fixed issue where Flutter Web is not detected as a web framework. (#6085)
+- Add better messages for API permissions failures that direct the user to the URL to enable the API. (#6130)
diff --git a/firebase-vscode/CHANGELOG.md b/firebase-vscode/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Change Log
 
+## 0.0.24-alpha.1
+
+- Add more user-friendly API permission denied messages
+
 ## 0.0.24-alpha.0
 
 - Remove Google sign-in option from Monospace.

diff --git a/firebase-vscode/package-lock.json b/firebase-vscode/package-lock.json
diff --git a/firebase-vscode/package.json b/firebase-vscode/package.json
@@ -3,7 +3,7 @@
   "displayName": "firebase-vscode",
   "publisher": "firebase",
   "description": "VSCode Extension for Firebase",
-  "version": "0.0.24-alpha.0",
+  "version": "0.0.24-alpha.1",
   "engines": {
     "vscode": "^1.69.0"
   },

diff --git a/firebase-vscode/src/workflow.ts b/firebase-vscode/src/workflow.ts
@@ -339,7 +339,7 @@ export async function setupWorkflow(
       readAndSendFirebaseConfigs(broker, context);
       broker.send("notifyHostingInitDone",
         { success, projectId, folderPath: currentOptions.cwd, framework: currentFramework });
-      await fetchChannels(true);
+      await fetchChannels(broker, true);
     } else {
       broker.send("notifyHostingInitDone",
         { success, projectId, folderPath: currentOptions.cwd });

diff --git a/src/ensureApiEnabled.ts b/src/ensureApiEnabled.ts
@@ -40,6 +40,10 @@ export async function check(
   return isEnabled;
 }
 
+function isPermissionError(e: { context?: { body?: { error?: { status?: string } } } }): boolean {
+  return e.context?.body?.error?.status === "PERMISSION_DENIED";
+}
+
 /**
  * Attempt to enable an API on the specified project (just once).
  *
@@ -68,8 +72,30 @@ async function enable(projectId: string, apiName: string): Promise<void> {
       )} can't be enabled until the upgrade is complete. To upgrade, visit the following URL:
 
 https://console.firebase.google.com/project/${projectId}/usage/details`);
+    } else if (isPermissionError(err)) {
+      const apiPermissionDeniedRegex = new RegExp(
+        /Permission denied to enable service \[([.a-zA-Z]+)\]/
+      );
+      // Recognize permission denied errors on APIs and provide users the
+      // GCP console link to easily enable the API.
+      const permissionsError = apiPermissionDeniedRegex.exec((err as Error).message);
+      if (permissionsError && permissionsError[1]) {
+        const serviceUrl = permissionsError[1];
+        // Expand the error message instead of creating a new error so that
+        // all the other error properties (status, context, etc) are passed
+        // downstream to anything that uses them.
+        (err as Error).message = `Permissions denied enabling ${serviceUrl}.
+        Please ask a project owner to visit the following URL to enable this service:
+
+        https://console.cloud.google.com/apis/library/${serviceUrl}?project=${projectId}`;
+        throw err;
+      } else {
+        // Regex failed somehow - show the raw permissions error.
+        throw err;
+      }
+    } else {
+      throw err;
     }
-    throw err;
   }
 }