[[service]] provides a rules language based on JavaScript-like boolean expression. You can easily define how your data should be structured and when your data can be read from and written to. Combined with our login service which allows for easy authentication, you can define who has access to what data and keep all of your user's personal information secure. The Security and [[service]] Rules live on the [[service]] servers and are automatically enforced at all times.
Understand the Default Security and [[service]] Rules
Security and [[service]] Rules are used to determine who has read and write access to your [[service]] data
as well to ensure the structure of that data.
They are found in the Security tab of your [[console]].
They come in three flavors: .write, .read, and .validate.
Here is a quick summary of their purpose:
Rule Type Description .readDescribes if and when data is allowed to be read by users. .writeDescribes if and when data is allowed to be written. .validateDefines what a correctly formatted value will look like, whether it has child attributes, and the data type.
Security and [[service]] Rules have a JavaScript-like syntax which makes them easy to work with. By default, your [[service]] has rules which grants every request full read and write permissions to your [[service]]:
{
"rules": {
".read": true,
".write": true
}
}Security and [[service]] Rules live on the [[service]] servers and are enforced at all times. Every read and write request will only be completed if your rules allow it. With the default rules above, all requests will be permitted. Security Behind the Scenes
Limitations
To avoid performances issue, some elements are forbidden in security rules:
- regular expressions
- loops
- function calls
- function definitions