I am trying to develop a chat app, for now it's purely a playground for future use. For that app, I want to send an arrayUnion with an object inside it, that contains the message details. On my DB, I have a document with an array of messages. I want to impose security rules on said object, so that it'll check that it has only the items and types that I define. Without any rules, it works as intended, but I just can't access the items in the received object in order to check them.
Here's what I'm sending on my frontend:
const message = {
timeStamp: Timestamp.now(),
text: currentText,
sender: userData.uid,
};
await updateDoc(doc(db, 'chats', chatId), {
messages: arrayUnion(message),
});
And this is the rules function that I'm trying to impose:
function checkChatMessage(message, requestUid){
return message.keys().hasAll(['timeStamp', 'text', 'sender']) &&
message.timeStamp is timestamp &&
message.text.size()>0 &&
message.text.size()<256 &&
message.text is string &&
message.sender is string &&
message.sender == reqUid;
}
I have tried passing that function request.arrayUnion[0], request.resource.data.message, request.resource.data.map and some more variations, but none seems to work.
