what are firebase lock mode and test mode my android app is already on google play enter image description herestore but what choose firebase mode?
Start in locked mode
Your data is private by default. Client
read/write access will only be granted
as specified by your security rules.
Start in test mode
Your data is open by default to enable
quick setup. However, you must update
your security rules within 30 days to
enable long-term clients to read/write
access.
The default security rules for test mode allow anyone with your
database reference to view, edit, and delete all data in your
database for the next 30 days
3
Answers
Those are just presets of security rules that you want when creating the database. You can also change and customize the security rules later as need from Firebase console.
Test mod essential allows reads and writes by default to everyone and production mode does not. If you had chosen production, you must chnage the rules and allow users to read write the DB paths that they are supposed to.
Firebase Security Rules stand between your data and malicious users. You can write simple or complex rules that protect your app’s data to the level of granularity that your specific app requires.
Firebase Security Rules leverage extensible, flexible configuration languages to define what data your users can access for Realtime Database, Cloud Firestore, and Cloud Storage. Firebase Realtime Database Rules leverage JSON in rule definitions, while Cloud Firestore Security Rules and Firebase Security Rules for Cloud Storage leverage a unique language built to accommodate more complex rules-specific structures.
reference: https://firebase.google.com/docs/rules
Each time you create a database (in any kind of system, not only Firebase) a security setting must be set in place during creation.
For Firebase Realtime Database it’s done through the security rules.
Firebase offers 2 options either locked mode or test mode:
These are just default settings and are not recommended for production apps, You can read more about these default rules here.
If you create an app which makes use of the RTDB, check first how they work here and protect your DB from malicious actions.
Side node: If you are on the Blaze plan structuring your rules is a must as it can lead to unexpected scenarios(completely wiped out DB, stealing data, maliciously modifying data, exorbitant bills, etc…).