Intermediate topics in Firebase Security Rules - Firecasts

You know the basics of Security Rules but would like to get into some more interesting topics such as querying other documents or limiting access to certain fields? You have come to the right place on this new episode of Firecasts by Todd Kerpelman and Rachel Myers!

Chapters:
0:00 Introduction and recap of unit testing security rules
1:20 Simple security and tests with Firebase Auth
4:08 Custom auth claims
8:59 Security based on user lists
14:09 Custom functions in security rules
16:40 Adding required fields in new documents
18:45 Using let to create variables in security rules
19:25 Allowing only approved fields in new documents
21:53 Allowing users to only change certain fields
23:30 Debugging security rules
25:40 The mapDiff object
28:24 Summary

#Firecasts #Firebase #SecurityRules
Comments

Idk why this video only has 365 likes. This is real gold

Drewmssu

This is the most useful content I have gotten from this channel. It brought me from "how am I ever going to make this secure" to "I better watch out for the edge cases". Thanks so much for the great job!

MartinRyleOShea

Lord, this is so good, I would care less about the DSL and just do everything in my own backend, but now I can unit test them! I can add them confidently in my client-side code, and save loads of code on the backend side, pure gold, thanks a lot!

albertgao

Excellent, thanks for this one Todd. I seem to get to this point each time I create a new Firestore project. It's nice to have all this info in one video. Looks like there is a bunch of new useful capabilities in security rules to simplify the rule writing.

mysomervda

This is gold. Thanks so much Firebase team!

smorebytes

This is the best video I've seen in this series so far. Detailed rules explanation and the new tricks of debug and mapDiff AND unit tests... 🥳 Thank you 🙏

GAschill

This was super informative, I will be using this video as a reference again and again. I'm creating a retail app with customer messaging and sharing (Firestore at the core), so I really need to utilise these security methods - thank you Todd & Rachel!

RobinYoulton

Excellent video. One really helpful emulator feature would be to log out which rule "allowed the operation." I came to this video after beating my head against the wall trying to figure out why a create succeeded when it should have failed. I have two create rules for the path. I was forgetting to set up the database such that the first rule failed. So my second rule (the one under test) was never getting evaluated. Your debug("this is getting called") tip helped me figure this out. But it might be nice to be able to see this in the log automatically. Thanks!

christophercarson

This series of videos is super helpful and very clear. I would love a Firecast on how to unit test Firebase functions, especially functions that react to and modify Firestore and Realtime Database (in the emulators). Thanks for the great videos!

nathanpannell

LOL. "Goodbye to our wonderful viewers" hahaha. Thanks a lot to both of you and the Firebase team for putting together these super easy to follow and didactic videos. It means a lot to gain adoption of a complex and awesome platform like Firebase!

cgadam

That was incredible! I would love to see what security roles can be placed around following users, and being notified based on another user's specific actions.

davidkim

This is awesome. Definitely learned a lot! Thank you!

dc

much <3 you're the best (whenever I hit a road block, I check out these videos and end up finding solutions for my current problems!)

AchillRudolph

Consider a social app where user_abc will be allowed to see 7 out of 10 fields for locked users unless user_abc unlocks (by paying some credits) a particular user, user_def. After the unlock, all the fields for user_def can be visible, but still only 7 fields for other locked users.

maniyalraj

I really like this guy. Super awesome engineer.

teze

Excellent content.

Would like more discussion on rules and patterns pertaining to queries.

Something like collection("orderItems", ref => ref.where("orderId", "==", someOid) ... and how the security rules should only allow the creator of that orderItem to read it (stored in creatorId on the document).

SariAlHiari

This is great and very helpful. I *DO* wish I could just call out "Hey Rachel" to help in real time!! ;-)

vballaddict

@19:05, I would get errors if I tried to use let requiredFields. If I just directly put the list into .hasAll(["authorId"...]) it works

botable

Is it possible to work with the items of the set that is returned by MapDiff? Like get one of the items and check it for some value (not just with hasAll() hasAny(), really access to one item)

You could look that only one property of one item in one list has changed if you can do this.

myname

It would be helpful if I could use a Cloud Function that resolves to a boolean in the security rules. I have a case where I need to check for and prohibit overlaps between events on a calendar and right now that forces me to use Cloud Functions instead of continuing the serverless experience.

Lestibournes