I am implementing a chat app with Firestore, and I have a document for each chatroom in a collection "chats/", each of which has a subcollection "messages/" with all the messages in the room.
For accessing this subcollection, I need to check that the user is allowed to read it, checking that he is in the array of members which is in the parent document.
    /chats
        /chatId
            /messages (subcollection)
                /messageId
            - members array (field)
Currently, I am doing this:
    function isSignedIn() {
      return request.auth.uid != null;
    }

    match /chats/{chatId} {
      function isUserInChatRoom() {
        let userId = request.auth.uid;
        // A user is in the chatroom if he is in its members list
        return userId in resource.data.members;
      }

      // Only signed users which are in the chatroom can read its data
      allow read: if isSignedIn() && isUserInChatRoom();
      // The client side cannot modify the chats collection
      allow write, update, delete: if false;

      match /messages/{document=**} {
        // Only signed users which are in the chatroom can read its messages
        allow read: if isSignedIn() && isUserInChatRoom();
      }
    }
But it seems that isUserInChatRoom() doesn't work in the messages subcollection.
How can I achieve this?
question from:
https://stackoverflow.com/questions/65854728/firestore-security-rules-allow-read-subcollection-based-on-its-parent-document
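An added example, not part of the original question: inside the nested `match` for messages, `resource` is the message document being read, which has no `members` field, so the membership check has to fetch the parent chat document by path with `get()`. The helper name `isMemberOf`, the `{messageId}` wildcard and the `rules_version = '2'` wrapper are assumptions of this sketch.

```firestore-rules
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    function isSignedIn() {
      return request.auth != null;
    }

    // Hypothetical helper: membership lives on the parent chat document,
    // so read that document explicitly instead of relying on `resource`.
    function isMemberOf(chatId) {
      return request.auth.uid in
        get(/databases/$(database)/documents/chats/$(chatId)).data.members;
    }

    match /chats/{chatId} {
      // Here `resource` is the chat document itself, so no extra read is needed.
      allow read: if isSignedIn() && request.auth.uid in resource.data.members;
      // The client side cannot modify the chats collection.
      allow write: if false;

      match /messages/{messageId} {
        // Here `resource` is the message document; `chatId` is still in
        // scope from the enclosing match and identifies the parent to fetch.
        allow read: if isSignedIn() && isMemberOf(chatId);
      }
    }
  }
}
```

Each `get()` evaluated in a rule is billed as a document read, so the parent lookup adds a read to every message request it guards.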