Firebase Realtime Database Rules

The Firebase Realtime Database Rules determine who can read and write access to your database. You may be the one who does not explain the rules.

The rules are important for the safety stated by a Google in an I / O event.

Firebase Realtime

Did you know?

The Firebase server stores rules for security purposes.

In addition, you can change your rules from the Firebase console.

How can you do this?

Select your project, click on the database and hit the rules.

4 Types of Firebase Realtime Database Rules:

.read has the power to access all the data.

.write has the ability to edit, create, and delete any kind of data.

.validate can check the format of the data.

.indexOn allows us to create an index so that we can order and query the data effortlessly.

10 Examples of Security Rules of Firebase Realtime Databases

Below are ten examples of Firebase realtime database security rules.

1. No Security

.write = true & .read = true means that everyone is capable of writing and reading your database, even if it is not a user of your application.

During application development, you can set public rules so that you can easily write and read your database easily.

Keep in mind, never use security rules in production otherwise, anyone can access your important data.

You can use it specifically for prototyping when authentication is not an essential part of your app.

2. Full Security

These rules are provided by default.

In complete security rules, you cannot write and read access to your database.

If you are adding these rules, you can access your database in the Firebase console dashboard.

3. Just Authenticated Users Can Write (Access) Data

Users can write and read data if they are authenticated in the app.

4. Authenticate User from a Special Domain

This rule is useful when you want to authenticate your users only when they are registered with a particular domain.

5. User Data Only

Users provide access that is authenticated by Firebase.

The $ uid here, shown in the code example below, is the unique ID of every Firebase authenticated user and the $ uid also represents a wildcard.

The Firebase database returns a wildcard path that is used to describe dynamic child keys and IDs.

6. Just Validate User from the Different Location in the Database

You can validate the user from the specified location in the database.

In the example below "user" is a child node specified somewhere in the database that has a child node of "moderator".

You can validate if the "Moderator" node value is equal to "True".

7. Validate String Length and Datatype

You can also validate any type of string length or datatype.

In the example below, I specified three rules.
  • The first is "newData.isString ()" which defines that the datatype is in string format.
  • Second "newData.val (). Length> 0" string value must not be null.
  • Third "newData.val (). Length <= 140" string value must be less than 141 characters.

8. Check Child Attributes Presence

You can also check for the presence of a specific child node in the database.

In the example below "[" username, amp timestamp "], I specified an array that contains child nodes in the database.

9. Validate the Timestamp

In the example below "newData.val () <= now" you can validate your data that has been kept or is available in the past.

"Now" represents the current available time in milliseconds.

10. Preventing Deletion and Updation

In the example below, "data.exists ()" allows you to write data to a database if data is not available in the database. Once the data is added, you cannot delete or update the data.

You May Also Like,

Post a Comment