4 Types of Firebase Realtime Database Rules:
- .read has the power to access all the data.
- .write has the ability to edit, create, and delete any kind of data.
- .validate can check the format of the data.
- .indexOn allows us to create an index so that we can order and query the data effortlessly.
10 Examples of Security Rules of Firebase Realtime Databases
Below are the ten examples regarding the security rules of Firebase realtime databases.
No Security
.write= true & .read= true means everyone is able to write and read your database even if it is not a user of your application.
During the development of the application, you can set public rules so that you can easily write and read your database easily.
Keep in mind, don’t ever use in the production No Security Rules otherwise, anyone can access your important data.
You can use it for prototyping especially when authentication isn’t an essential part of your app.\
Full Security
These rules are provided by default.
In Full Security Rules, you can’t write and read access to your database.
If you are adding these rules, you can just access your database in the Firebase Console Dashboard.
Just Authenticated Users Can Write (Access) Data
Users can write and read data if they are authenticated into the app.
Authenticate User from a Special Domain
The rule is useful when you want to authentic your users only if they’re registered from a particular domain.
User Data Only
Users grant access which is authenticated by Firebase.
Here $uid, shown in the below code example, is the unique ID of every Firebase authenticated user and $uid also represents a wildcard.
Firebase database gives a wildcard path that is used to describe dynamic child keys & IDs.
I’ve also explained in detail wildcard in Firebase Storage Rules.
No comments:
Post a Comment