You have Firestore security rules that deny read access to a document. You run a read request using the Firebase emulator. What is the expected behavior?
Think about how the emulator enforces rules like the real service.
The Firebase emulator enforces security rules exactly as the real Firestore service does. If rules deny access, the emulator returns a permission denied error immediately.
You want to start the Firebase emulator locally with Firestore and Authentication emulators enabled. Which command is correct?
Check the official Firebase CLI command syntax for starting emulators.
The correct command is firebase emulators:start --only firestore,auth. It starts only the Firestore and Authentication emulators.
Choose the best description of how the Firebase emulator suite supports testing security rules before deploying to production.
Consider how local emulation helps avoid risks to live data.
The Firebase emulator suite runs backend services locally and enforces security rules, allowing safe testing of reads and writes without touching production data.
If you disable rules validation in the Firebase emulator, what happens when you perform a read or write operation?
Think about what disabling rules validation means for security enforcement.
Disabling rules validation causes the emulator to allow all reads and writes without checking security rules, which can be useful for testing but unsafe for real use.
To reliably test Firestore security rules in a continuous integration/continuous deployment (CI/CD) pipeline using the Firebase emulator, which practice is best?
Consider how to isolate tests and avoid side effects in automated pipelines.
Starting the emulator fresh in CI/CD, running tests with the Firebase Testing SDK, and shutting down ensures isolated, repeatable tests without affecting production.