Menu
Any client code (in our case an Angular app) will at some point make assumptions about the documents in a collection: It will presume the presence of certain attributes in certain states etc.
In other words, we have an implicit data schema.
What are good ways to express the schema explicitly in typescript and to enforce DB operations to comply with the schema?
Important: We implemented document schema versions, as an attribute of any document. Therefore documents with older and newer schema exist side by side. E.g. countries with version=1 are not expected to have a "capital" field, whereas those with version=2 must have it.
Therefore it is a requirement that the schema model has to support such cases.
324
Rules around what data can be stored can be enforced in Firebase's server-side security rules. These rules are typically used for both access control (who can access the data?) and validation of the data (what data can be stored?)
For example this rule only allows documents to be written if they have lastIndex and lastUpdated fields:
allow write: request.resource.data.keys().hasAll(['lastIndex', 'lastUpdated'])
You could also validate the type of these fields, and even their value. For example the rules below ensure that lastIndex is a number, while lastUpdated must always be set to the same time as the server:
allow write: request.resource.data.keys().hasAll(['lastIndex', 'lastUpdated']) &&
request.resource.data.lastIndex is int &&
request.resource.data.lastUpdated == request.time
There are some great videos on these security rules coming out now in the Firecasts series on youtube. This video on data types and global objects in Firebase security rules looks especially relevant.
197
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
