Understanding Firestore Security Rules with Examples

Thank you!!!!!!!!!

Great video, thanks!

Where can we find the simulator?

hi Josh, how to prevent uid not written / store to the document? as we would not want uid stored everywhere

I wish you showed your database and created a simple database to show what you are searching. I did not really get what you are doing when you put braces and write collection name in singular form...... PASS..

thanks for the great lesson.

this does not work anymore

I really appreciate your explanations. Thank you so much!

great stuff!

I am here Aug 2021

Makes a lot of sense, thanks

This is exactly what I needed right now. I can finally understand how to get started with these functions

How to validate duplicate entries?

Thank you, ❤️ I am looking for data validation. I don't want duplicate the values in the data base such int value of some id

How to restrict read from specific IP address only?

Absolutely indebted to you. Saved my firestore database, which was rendered obsolete.

Simple tutorial but helped a lot. Thank you my friend

nervous mouse; yikes

thanks

What a fantastic video! Like a missing manual! I am about to build a more complex app with some access levels scheme. Wasn't sure about how and where I should split the access responsibilities between the FE app and rules. Now it is more clear to me. Please make more videos about rules, please do!

how to incorporate it in the javascript web app? and how to give permissions to custom user id and password

can u show a tutorial showing a "role" validation? e.g. Admin user can perform CRUD to all users, but "Employee" user can only READ their own doc

Can somebody explain how these security rules works? Why does it seem like ANYONE can spoof the payload content and bypass the security rules?

Can somebody explain how these security rules works? Why does it seem like ANYONE can spoof the payload content and bypass the security rules?

Really good bro for this teaching.

Thanks a ton man. Really helpful \m/

Excellent.

a little closer, a little closer. Oh, you finally reached what I was exactly looking for. Thanks

The best explanation so far. Thank you man

Podata, podata

Hi! Nice video. I have a chat system but I don't use Google authentication. I only use firebase for messages between users. What would be the best rules for me? Allow only my domain?

Thank you bro 👍

Awe-so-me tutorial.

amazinf bro thanks

Can I write to expire disable a document after x interval since it was created?

thanks so much. What about making rules to list only user's posts for that user only?

hello from germany! I implemented an android app using the firebase remote config and iam not using the database to store documents. My app request only a string from remote config to encrypt the local sqlite database on the smartphone. Is it necessary to set security rules even if iam not using the database? Thanks!

Work step by step and show real example

Can you help us with some tutorial about role-based rules ?

Thank you, the best tutorial about Firestore rules that I have found. Even if you aren't using Firebase for a Ionic application this video will help you. Thanks again!!

Do you think a malicious user can bypass the security rules if they set their uid as " " empty in a doc and somehow in their payload the uid was also " " empty.

I love how absolutely no one shows how to validate data from a parent document inside a subcollection... or working with subcollections at all.

thanks

good

Hey Josh, nice video!! What about firestore security rules with authentication and role-based security? I don't know if there's something already implemented within firestore or if the role-based security logic has to be implemented by us from scratch. Thank you!

Can you explain how use/make in-app purchases?