1
00:00:00,210 --> 00:00:04,770
In this lecture, we're going to review the rules generated by Firebase.

2
00:00:05,130 --> 00:00:09,780
The rules we selected allow anyone to read or write to the database.

3
00:00:10,080 --> 00:00:15,270
It's not an ideal set of rules, but it'll work for the development phase or our application.

4
00:00:15,660 --> 00:00:19,770
We should review the rules to have a better understanding of what's going on.

5
00:00:20,310 --> 00:00:27,480
We can navigate to the rules by opening the project's dashboard on the sidebar under the build section.

6
00:00:27,630 --> 00:00:30,510
We will click on the Firestorm menu item.

7
00:00:30,870 --> 00:00:34,080
Lastly, we can switch over to the Rules tab.

8
00:00:36,610 --> 00:00:43,060
Firebase provides an editor for modifying the rules of our database, we can tailor the behavior of

9
00:00:43,060 --> 00:00:45,460
the database by configuring the rules.

10
00:00:45,760 --> 00:00:48,580
We're not forced to keep the default rules.

11
00:00:48,940 --> 00:00:52,840
The syntax is similar to JavaScript object syntax.

12
00:00:53,260 --> 00:00:57,400
Firebase adopts identical syntax, but there are differences.

13
00:00:57,670 --> 00:01:00,310
Let's go through the rules line by line.

14
00:01:00,970 --> 00:01:05,230
The first line is configuring a variable called rules version.

15
00:01:05,590 --> 00:01:07,200
It's being set to two.

16
00:01:07,630 --> 00:01:10,390
There are different versions of syntax features.

17
00:01:10,660 --> 00:01:16,050
We want to use the latest version by setting the rules version variable to two.

18
00:01:16,390 --> 00:01:22,510
We will be able to use the latest syntax features different versions support different features.

19
00:01:22,900 --> 00:01:25,030
Version two is the latest version.

20
00:01:25,630 --> 00:01:29,320
After setting the version, we can start to create some rules.

21
00:01:29,680 --> 00:01:33,460
Creating rules is similar to creating CSS properties.

22
00:01:33,790 --> 00:01:35,800
I don't mean that syntax wise.

23
00:01:36,070 --> 00:01:38,800
In a sense, you need to make a selection.

24
00:01:39,100 --> 00:01:43,210
Once you've made a selection, you can start to add different properties.

25
00:01:43,570 --> 00:01:47,290
Properties are applied exclusively to the selection.

26
00:01:47,980 --> 00:01:51,220
That same idea is represented in this syntax.

27
00:01:51,520 --> 00:01:56,560
The first step for applying rules is to select where the rule should be applied to.

28
00:01:56,920 --> 00:02:00,550
After making a selection, we can begin to add rules.

29
00:02:00,910 --> 00:02:03,070
Rules can be applied universally.

30
00:02:03,370 --> 00:02:09,430
In some cases, you may want to apply rules to specific resources in your database.

31
00:02:09,850 --> 00:02:14,920
Firebase provides everything you'll need to apply rules to different resources.

32
00:02:15,550 --> 00:02:22,300
The second line in this editor is selecting a service I mentioned in the previous lecture how Firebase

33
00:02:22,300 --> 00:02:26,320
transitioned from a database solution to a backend solution.

34
00:02:26,770 --> 00:02:30,610
Firebase offers various products it calls services.

35
00:02:30,970 --> 00:02:33,880
You can have different rules for different services.

36
00:02:34,330 --> 00:02:42,310
The service keyword allows us to select a service, and this example we are selecting the Cloud Firestar

37
00:02:42,310 --> 00:02:42,970
service.

38
00:02:43,390 --> 00:02:46,180
This service refers to the database product.

39
00:02:46,780 --> 00:02:50,350
After selecting a service, we're adding curly brackets.

40
00:02:50,740 --> 00:02:53,710
Adding curly brackets will group rules together.

41
00:02:54,100 --> 00:02:58,720
Anything we write inside the curly brackets will be applied to the selection.

42
00:02:59,080 --> 00:03:02,320
We don't have to start writing rules if we want.

43
00:03:02,470 --> 00:03:04,900
We can continue to write selections.

44
00:03:05,500 --> 00:03:08,050
Up next, we're using the match keyword.

45
00:03:08,410 --> 00:03:13,720
Any time a request is made to the database, it must be to a specific resource.

46
00:03:14,050 --> 00:03:19,300
The match keyword can check if a request is being made to a particular resource.

47
00:03:19,780 --> 00:03:26,680
In this example, we're checking if the request is being made to the databases slash database slash

48
00:03:26,680 --> 00:03:28,060
documents resource.

49
00:03:28,510 --> 00:03:32,170
The databases directory is where databases are stored.

50
00:03:32,530 --> 00:03:36,460
You can have multiple databases for a Firebase application.

51
00:03:36,850 --> 00:03:38,860
Currently, we're on the free plan.

52
00:03:39,130 --> 00:03:40,870
We're allotted one database.

53
00:03:41,140 --> 00:03:46,330
If you'd like to have multiple databases, you'll need to upgrade to a premium plan.

54
00:03:46,690 --> 00:03:50,710
We won't need to upgrade because one database is more than enough.

55
00:03:51,310 --> 00:03:55,030
Every database is listed under the Databases directory.

56
00:03:55,360 --> 00:03:59,080
Afterward, we're using a placeholder called database.

57
00:03:59,500 --> 00:04:06,490
Firebase will replace this placeholder with the name of the database the request is trying to access

58
00:04:06,880 --> 00:04:10,660
if you want to apply a set of rules to a specific database.

59
00:04:10,930 --> 00:04:14,710
You'll need to change this placeholder to the name of the database.

60
00:04:15,340 --> 00:04:18,970
The last segment in the path is the documents directory.

61
00:04:19,360 --> 00:04:23,440
Documents are the terminology for the objects in your database.

62
00:04:23,800 --> 00:04:27,040
We'll discuss documents in depth in another lecture.

63
00:04:27,700 --> 00:04:31,270
Inside this condition, we're making another condition.

64
00:04:31,720 --> 00:04:35,890
The condition is checking if the document is equal to two stars.

65
00:04:36,190 --> 00:04:38,620
Two stars are treated as wildcards.

66
00:04:38,830 --> 00:04:43,990
Therefore, we're selecting any document in our database regardless of the name.

67
00:04:44,680 --> 00:04:49,240
After making these conditions, rules are being applied to our documents.

68
00:04:49,570 --> 00:04:55,570
This rule allows anyone on the internet to view, edit and delete data in your database.

69
00:04:55,870 --> 00:05:00,880
Every single piece of information in our database is accessible to the outside world.

70
00:05:01,270 --> 00:05:07,030
It is helpful for getting started, but leaves us vulnerable to attackers to mitigate damage.

71
00:05:07,300 --> 00:05:11,590
These rules expire in 30 days after the expiration date.

72
00:05:11,740 --> 00:05:14,350
Requests to our database will be denied.

73
00:05:14,890 --> 00:05:18,970
It's possible that you may not be able to finish this course in 30 days.

74
00:05:19,240 --> 00:05:21,910
It's perfectly fine if you aren't able to finish.

75
00:05:22,210 --> 00:05:24,550
You don't want to be locked out of your database.

76
00:05:24,820 --> 00:05:29,680
You can modify the rules to extend the expiration time in the condition.

77
00:05:29,680 --> 00:05:32,750
We're calling a function called timestamp that date.

78
00:05:33,070 --> 00:05:34,660
It has three arguments.

79
00:05:34,900 --> 00:05:36,040
The year month.

80
00:05:36,290 --> 00:05:43,250
And day, you can modify any of these values to extend the expiration date after making changes, you

81
00:05:43,250 --> 00:05:44,570
will need to publish them.

82
00:05:45,050 --> 00:05:48,350
We're finished with reviewing the rules for our database.

83
00:05:48,800 --> 00:05:52,130
The default configuration will work for our project.

84
00:05:52,430 --> 00:05:55,040
If we ever need to modify them, we will.

85
00:05:55,400 --> 00:06:01,400
In the resource section of this lecture, I provide a link to the Rules Documentation page.

86
00:06:02,530 --> 00:06:05,750
Everything you'd want to learn about rules can be found here.

87
00:06:06,070 --> 00:06:12,250
From the syntax to how you can test rules, I recommend checking it out if you would like to learn more

88
00:06:12,250 --> 00:06:13,900
about security rules.