Firebase how check path contains value and allow read and write other path

Question

At the moment i try to build a chat in flutter with google firebase. Now i would like my database more secure. That means only users (room_3) in chat can read and write data data.

Is it possible to check a path contains a user value and if the user value is contains allow read a other path?

Here my database structer:

/chat/product_id/product_id_12345/chat_room_id/room_1/message_1/message2...

My idea is i add in 'room_1' the user id. Then i check the user is contains in 'room_1'. If the user is contains i allow read and write data the complete path (message_1/message_2...).

Here my example:

If you have any questions fell free to ask me. Many thx.

Answer 1

In the security rules for the messages subcollection you can read the parent document and check whether the current user is in the user_id field with:

...
match /messages/{message} {
  allow read: 
    if request.auth != null && 
       request.auth.uid in 
         get(/databases/$(database)/documents/chat_room/$(chat_room_id)).data.user_id
}