How to Set proper Rules on Google Firebase DB

How to Set proper Rules on Google Firebase DB:

Here is an example of a pretty simple rules setting. We don’t want just anyone to access user information. The users sub directory is restricted to the user logged in. The rest is fully restricted and is only accessible via admin api.

service cloud.firestore {
  match /databases/{database}/documents {
    // Make sure the uid of the requesting user matches name of the user
    // document. The wildcard expression {userId} makes the userId variable
    // available in rules.
    match /someusercollection/{userID}/{document=**} {
      allow read, update, delete: if request.auth.uid == userId;
      allow create: if request.auth.uid != null;
    }
    match /somecollection/{document=**} {
      allow read, update, delete, create: if false;
    }
  }
}

Read more on the Firebase Docs.