Honesty You are far better than even google's Firebase channel! We expect more videos like this.
@chedders2 жыл бұрын
pls does this apply to the real time data base
@zakiaarif35234 жыл бұрын
The best explanation of security rules I have ever seen...GOOD JOB
@mgbhadurudeen3363 жыл бұрын
You are far better than even google's Firebase channel! We expect more videos on this.
@bilbobolsondefu47893 жыл бұрын
four hours trying to find a tutorial like this. quite bad google,s firebase channel
@chedders2 жыл бұрын
This is so true you are very correct.. he is far better
@manoj-k2 жыл бұрын
🔥🔥🔥 Best of all security rules video! Thank you 🙏
@austinevick4 жыл бұрын
Thanks alot you saved the day
@jcavenue2 жыл бұрын
I really recommend this channel! if your looking to learn firebase for your projects
@ericogieaghahowa63473 жыл бұрын
Best lecture from an Indian. Thank you so much.
@someshsahu46382 жыл бұрын
Very nice and detailed explanation thankyou so much 🙏🏼🙏🏼🙏🏼
@paulovinicius99403 жыл бұрын
Dude, wtf! Why are you not at MIT? You are the best teacher in the freaking history! Like and Sub!
@mafiacodes3 жыл бұрын
Thanks bro, m glad u liked my content
@duchailu2 жыл бұрын
i know it's 3 years later ^^ but man this video deserves a like !!
@mcifci4 жыл бұрын
I'm researching about the rules, only you explained clearly firestore rules, we need you bro, also you should explain rules of storage, if you have free time
@mafiacodes4 жыл бұрын
the rules work the same way, for example: incase u have a folder named images the u write match /images/{image} ....
@mcifci4 жыл бұрын
@@mafiacodes thank you man, yeah ı did it like you say, u r great bro ;)
@bala-st9cj2 жыл бұрын
this is better than the firebase documentation
@mafiacodes2 жыл бұрын
subscribe like share
@tariiqd2 жыл бұрын
Great tutorial. Keep it up!
@captainmichaelj23213 жыл бұрын
Please continue to provide us with great youtube tutorials, this video clearly explained the rules and I was able to solve my issue I have been struggling for days.
@mafiacodes3 жыл бұрын
Glad it helps
@H1MANSHU Жыл бұрын
you just explained it amazingly ! Thank you
@sat_talk3 жыл бұрын
Thanks bro.. very clear and simple explanation.. ... keep it up
@mobiletracer40054 жыл бұрын
This the best video all others are boring and complex , great job!
@gyenabubakar2 жыл бұрын
This is by far the best intro video on Firestore Security Rules I've seen. Good stuff!
@CodeWithSharon3 жыл бұрын
I have been searching for this stuff...finally i found it from you bro...you explained it like crystalline ...thank you so much bro
@mafiacodes3 жыл бұрын
Subscribe like share
@TheSpiralnotizblock3 жыл бұрын
Your video is worth of gold! Thank you so much
@moganesanm9733 жыл бұрын
thank you so much for your clear explanation
@Amro-Omran Жыл бұрын
Excellent 👍
@jayantadas-vf2hf3 жыл бұрын
thanks again
@mirak4743 жыл бұрын
Such a good explanation, thank you for teaching me how to write an application with firestore integration
@mafiacodes3 жыл бұрын
Glad u like it
@ajaykotiyal4273 жыл бұрын
Excellent explaination with simple examples.
@christiandavidvalenzuelago49553 жыл бұрын
YOU HAVE THE BEST EXPLICATION!! EXCELENT JOB AND THANKS! 🙌🙌🙌
@mvrdara4 жыл бұрын
Thanks You explained clearly.
@umniahalhalaby21103 жыл бұрын
thank you
@Daddytronics2 жыл бұрын
Great work thank you
@pratyushkarn113311 ай бұрын
Very good Content
@MrJatan903 жыл бұрын
Amazing tutorial man, thank you so much!
@yao16464 жыл бұрын
Thanks for this fine explanation
@mafiacodes4 жыл бұрын
Thanks, subscribe like share
@rodrickngonyoku50422 жыл бұрын
God bless you
@mafiacodes2 жыл бұрын
subscribe like share
@mohamedyoussef8835 Жыл бұрын
Awesome video ++++++++ 😃
@mcifci4 жыл бұрын
Hi bro, can you make another video about rules, like this but a little bit more complex, using a simple chat app for example
@maheshgharage84802 жыл бұрын
Thanks for vedio
@mafiacodes2 жыл бұрын
Subscribe like share
@alilishan4 жыл бұрын
Brilliant!!!
@mafiacodes4 жыл бұрын
Subscribe like share
@BhajanVishv4 жыл бұрын
if possible please make a video on how to restrict a user to read data specific number of times so that it will reduce unnecessary spam of reads that cost us, I searched everywhere but nobody explained this concept
@mafiacodes4 жыл бұрын
well its typical, and probably u should not do so, better would be to optimise the db schema.
@AhsanAli-vz6mg4 жыл бұрын
thanks brother
@mafiacodes4 жыл бұрын
Subscribe like share
@rezahosseinypour66694 жыл бұрын
helped a lot
@mafiacodes4 жыл бұрын
Subscribe like share
@ShourovRoy-pk5zm2 жыл бұрын
Rules for upvote or downvote or comments to others post. What should I do
@pratyushkarn113311 ай бұрын
How can i Make a User Admin and Check He Is Admin please help
@infantraj4289 Жыл бұрын
Hi brother, I understand clearly so, Thanks for that. Would you tell me, Is there possible to write security rules without firebase auth. Because I have managed the authentication of other backend APIs (It is mandatory). Please tell me.
@gurubhai4918 Жыл бұрын
Acha hai dost, but security roles ? Admin can do all, less privileged users do less etc ?
@ayazrafai62734 жыл бұрын
Very nice explanation!!! Should I apply a subcollection rule based on the super collection hierarchy? Here, Let's suppose I have a "group" collection as your notes and inside that, I have "posts" collection. Now, I would like to allow users to add a post in case the user is an admin or a member of the "group" collection only. "group" collection will be having an array of "members" Please let help me to get this applied. Thank you!
@mafiacodes4 жыл бұрын
Yes you can apply
@mobiletracer40054 жыл бұрын
I had a doubt how we do we set the same rules firebase cloud storage there is no user id there
@niranjanmagare51934 жыл бұрын
This is the best video for firestore security rules. But i want to write rule which can allow read and write for a specific collection which have many documents and in those documents again many collection and so on. Will you help me..?
@mafiacodes4 жыл бұрын
Share an example on GitHub and I will try to push security rule
@ReadersMess3 жыл бұрын
if any user tries to increase his/her coins or points without watching ad using illegal method how to avoid this, as user can write in his document he can increase points too
@mafiacodes3 жыл бұрын
add security rule for writing too...or add some backend code (or probably use firebase functions) to validate it...
@surenderkumar40104 жыл бұрын
Super bro....next firebase function panuinga bro
@mafiacodes4 жыл бұрын
Thanks subscribe like share.
@shakeelali94183 жыл бұрын
I have a question how anybody can access our database . If the person want to access database then he needs to have the firebase api keys.
@mafiacodes3 жыл бұрын
The keys are in the firebase config file, which we added to out project. And the read/write is protected by security rules. kzbin.info/www/bejne/qnO7hKWjrLCfl5I
@muhammadmehdi13043 жыл бұрын
I don't get the 'allow create: if request.auth != null && request.auth.uid == request.response.data.userID'
@mafiacodes3 жыл бұрын
1. request.auth != null - the request is authenticated, ie the user is authenticated 2. request.auth.uid == request.response.data.userID - the authenticated users id matches the userID field in document
@comboschtap Жыл бұрын
@@mafiacodes I was wondering the same actually. What confuses me here is the fact that if the user is creating a document that does not exist yet, then how is it possible to compare the userID on a still non-existing document? In other words, my question is: How come are you able to get the userID on a document that does not exist yet ( request.response.data.userID)? Other than that, thank you for a great explanation. You wrote this explanation: "request.auth.uid == request.response.data.userID - the authenticated users id matches the userID field in document". But as how I understand, we are just creating that document, so how can we get the document userID?
@abhishekmirajkar034 жыл бұрын
What would be the query to access ?
@mafiacodes4 жыл бұрын
Like what?
@abhishekmirajkar034 жыл бұрын
@@mafiacodes I have rules set for my DB that the user should be authenticated, so I'm confused do I have do write anything specific code to access that data in my flutter project Please help it's gonna save my job
@mafiacodes4 жыл бұрын
No u don’t if u have specified the access to a particular resource that only authenticated users should access, then firebase will check itself that is the user authenticated provided u are using firebase authentication.
@gajendrapandeya50813 жыл бұрын
Sir what if our app doesn't have authentication system?? What should we do for that?
@mafiacodes3 жыл бұрын
then u need to figure out 😉, since it will be an open database
@gajendrapandeya50813 жыл бұрын
@@mafiacodes i have no idea what can i do. Please suggest me the best possible answer. I have searching about this almost from a week. Hope you will help me sir.
@mafiacodes3 жыл бұрын
Bro nothing u can do, no auth means no way to protect database since it’s open, or u can use firebase sign in anonymously
@krishnamohanty51284 жыл бұрын
hi sir, thanx for making this video. but i have some error i am facing right now. error is: Listen for Query(users/-M9hU8UJtjjJws3-_UYE) failed: Status{code=PERMISSION_DENIED, description=Missing or insufficient permissions., cause=null}. And query : future: Firestore.instance.collection("users").document(widget.profileID).get(), builder: (context, snapshot) . how to fix?
@mafiacodes4 жыл бұрын
Check ur security rules
@krishnamohanty51284 жыл бұрын
@@mafiacodes service firebase.storage { match /databases/{database}/documents { match /users/{userId} { allow read, write: if isOwner(userId); } } function isOwner(userId) { return request.auth.uid == userId; } }
@bongbox4 жыл бұрын
Can I write a rules to disable a document with expiring timestamp?
@mafiacodes4 жыл бұрын
Refer this post on medium medium.com/firebase-developers/what-does-it-mean-that-firestore-security-rules-are-not-filters-68ec14f3d003
@mcifci4 жыл бұрын
You said " allow read : if isAuthenticated() && request.auth.uid == resource.data.userId;" this means that only user who is posted that note read note writed by himself/herlself. how other users will read this note
@mafiacodes4 жыл бұрын
It’s a personal notes collection only for user if u want others to read then skip the second condition
@mcifci4 жыл бұрын
@@mafiacodes does this create a security gap
@mcifci4 жыл бұрын
@@mafiacodes In particular, I want to ask that, for example, each user in your firestore has its own field, and it also contains the userId of the user, if we allow everyone to read registered users, do they see all the information in the field, such as userId
@mcifci4 жыл бұрын
@@mafiacodes thank you ;);) I need to do more extensive research about security. the videos you make are also really useful
@mafiacodes4 жыл бұрын
Yes but u can only return fields u require
@aviagarwal75284 жыл бұрын
Sir i need you help how to use the get function I want to check that current uid is equal to the value field of uid And the path is Teachers----(many documents)------uid=something
@mafiacodes4 жыл бұрын
I dint understand please elaborate
@aviagarwal75284 жыл бұрын
@@mafiacodes sir can i get you email id or something so that i can send you an image with details
@mafiacodes4 жыл бұрын
you can share on GitHub...
@aviagarwal75284 жыл бұрын
@@mafiacodes stackoverflow.com/questions/61425078/firestore-security-rules-get-function-showing-error this is my question
@gannafour57264 жыл бұрын
Hello Sir, i am still getting a error in reading a documents. can i get your email so i can contact you?