Understanding Firestore Security Rules with Examples 

Thank you so much for the explanation man... You explained it way better than the Firebase guys

What a fantastic video! Like a missing manual! I am about to build a more complex app with some access levels scheme. Wasn't sure about how and where I should split the access responsibilities between the FE app and rules. Now it is more clear to me. Please make more videos about rules, please do!

I love how absolutely no one shows how to validate data from a parent document inside a subcollection... or working with subcollections at all.

Absolutely indebted to you. Saved my firestore database, which was rendered obsolete.

Thank you, the best tutorial about Firestore rules that I have found. Even if you aren't using Firebase for a Ionic application this video will help you. Thanks again!!

This is exactly what I needed right now. I can finally understand how to get started with these functions

a little closer, a little closer. Oh, you finally reached what I was exactly looking for. Thanks

The best explanation so far. Thank you man

Great video, thanks!

Simple tutorial but helped a lot. Thank you my friend

I really appreciate your explanations. Thank you so much!

Really good bro for this teaching.

thanks for the great lesson.

great stuff!

Makes a lot of sense, thanks

can u show a tutorial showing a "role" validation? e.g. Admin user can perform CRUD to all users, but "Employee" user can only READ their own doc

Excellent.

Thank you!!!!!!!!!

Hey Josh, nice video!! What about firestore security rules with authentication and role-based security? I don't know if there's something already implemented within firestore or if the role-based security logic has to be implemented by us from scratch. Thank you!

Hi! Nice video. I have a chat system but I don't use Google authentication. I only use firebase for messages between users. What would be the best rules for me? Allow only my domain?

Thanks a ton man. Really helpful \m/

Thank you, ❤️ I am looking for data validation. I don't want duplicate the values in the data base such int value of some id

Can you help us with some tutorial about role-based rules ?

hi Josh, how to prevent uid not written / store to the document? as we would not want uid stored everywhere

thanks so much. What about making rules to list only user's posts for that user only?

Thank you bro 👍

Can somebody explain how these security rules works? Why does it seem like ANYONE can spoof the payload content and bypass the security rules?

Do you think a malicious user can bypass the security rules if they set their uid as " " empty in a doc and somehow in their payload the uid was also " " empty.

thanks

how to incorporate it in the javascript web app? and how to give permissions to custom user id and password

Where can we find the simulator?

Can you explain how use/make in-app purchases?

amazinf bro thanks

How to restrict read from specific IP address only?

Can I write to expire disable a document after x interval since it was created?

hello from germany! I implemented an android app using the firebase remote config and iam not using the database to store documents. My app request only a string from remote config to encrypt the local sqlite database on the smartphone. Is it necessary to set security rules even if iam not using the database? Thanks!

Awe-so-me tutorial.

Work step by step and show real example

I am here Aug 2021

this does not work anymore

good

If someone wants to save some time. 4:00

I wish you showed your database and created a simple database to show what you are searching. I did not really get what you are doing when you put braces and write collection name in singular form...... PASS..

nervous mouse; yikes

Podata, podata

Can somebody explain how these security rules works? Why does it seem like ANYONE can spoof the payload content and bypass the security rules?

How to validate duplicate entries?

thanks