Search code examples
firebase-realtime-databasefirebase-security

Firebase Realtime Database: Split method in security rules: Error saving rules - Line 6: No such method/property 'split'

I am storing user messages in real time database like this: <USER_1_UID>__<USER_2_UID> now before creating the object, I am sorting it so to ensure that for two users the key always matches.

I want a user to be able to read/write the messages only if the key when split through __ contains the uid of the user that requested it.

For example:

uid1__uid2 chat must only be accessible to uid1 and uid2 and no one else.

One method could be: $uidCombo.contains(auth.uid) but this will fail for the use case: uid11_uid2 where both uid11 and uid1 would be able to access the messages.

My major question is does split method exist in firebase as I see it in suggestions: enter image description here

"messages": {
        "$uidcombo": {
          ".read":"$uidcombo.split('__').contains(auth.uid)",
        }
Solution

  • According to the reference documentation for the String type in security rules, it does not support a split method. So it seems like a bug in the auto-completer that the rules editor uses that it shows that.

    To achieve your goal, you could use beginsWith and endsWith to test for the UID.

    ".read":"$uidcombo.beginsWith(auth.uid+'__') || 
         $uidcombo.endsWith('__'+auth.uid)"