firebase-database Firebase Realtime Database Rules Data validation

Example

The Firebase Realtime Database is schemaless. This makes it easy to change things as you develop, but once your app is ready to distribute, it's important for data to stay consistent. The rules language includes a .validate rule which allows you to apply validation logic using the same expressions used for .read and .write rules. The only difference is that all relevant validation rules must evaluate to true in order for the write to be allowed (in other words, all applicable .validate rules are ANDed together to allow a database write).

These rule enforce that data written to /foo/ must be a string less than 100 characters:

{
  "rules": {
    "foo": {
      ".validate": "newData.isString() && newData.val().length < 100"
    }
  }
}

Validation rules have access to all of the same built-in functions and variables as .read and .write rules. You can use these to create validation rules that are aware of data elsewhere in your database, your user's identity, server time, and much more.