How to use the parse/node.ACL function in parse

To help you get started, we’ve selected a few parse examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github parse-community / parse-server / spec / ParseLiveQueryServer.spec.js View on Github external
it('matches CLP when find is closed', done => {
      const parseLiveQueryServer = new ParseLiveQueryServer({});
      const acl = new Parse.ACL();
      acl.setReadAccess(testUserId, true);
      // Mock sessionTokenCache will return false when sessionToken is undefined
      const client = {
        sessionToken: 'sessionToken',
        getSubscriptionInfo: jasmine
          .createSpy('getSubscriptionInfo')
          .and.returnValue({
            sessionToken: undefined,
          }),
      };
      const requestId = 0;

      parseLiveQueryServer
        ._matchesCLP(
          {
            find: {},
github beachio / chisel-parse-server-starter / index.js View on Github external
} catch (e) {
      console.error(e);
    }
  }
  
  // set templates
  if (SITE_TEMPLATES) {
    const templates = require('./siteTemplates/templates.json');
    const fs = require('fs');

    const Template = Parse.Object.extend('Template');
    const Model = Parse.Object.extend('Model');
    const ModelField = Parse.Object.extend('ModelField');

    const ACL = new Parse.ACL();
    ACL.setPublicReadAccess(true);
    ACL.setPublicWriteAccess(false);

    for (let template of templates) {
      const res = await new Parse.Query("Template")
        .equalTo('name', template.name)
        .first();
      if (res)
        continue;

      const template_o = new Template();

      template_o.set('name',        template.name);
      template_o.set('description', template.description);
      template_o.setACL(ACL);
github parse-community / parse-server / spec / ParseAPI.spec.js View on Github external
const acl = object.getACL();
        expect(acl.getPublicReadAccess()).toBeTruthy();
        expect(acl.getPublicWriteAccess()).toBeTruthy();
      } else if (triggerTime == 1) {
        const acl = object.getACL();
        expect(acl.getPublicReadAccess()).toBeFalsy();
        expect(acl.getPublicWriteAccess()).toBeTruthy();
      } else {
        res.error();
      }
      triggerTime++;
      res.success();
    });

    const obj = new Parse.Object('GameScore');
    const acl = new Parse.ACL();
    acl.setPublicReadAccess(true);
    acl.setPublicWriteAccess(true);
    obj.setACL(acl);
    obj.save().then(() => {
      acl.setPublicReadAccess(false);
      obj.setACL(acl);
      return obj.save();
    }).then(() => {
      // Make sure the checking has been triggered
      expect(triggerTime).toBe(2);
      done();
    }, error => {
      jfail(error);
      done();
    });
  });
github parse-community / parse-server / spec / ParseLiveQueryServer.spec.js View on Github external
it("won't match non-public ACL when client has no master key", function(done) {
    const parseLiveQueryServer = new ParseLiveQueryServer({});
    const acl = new Parse.ACL();
    acl.setPublicReadAccess(false);
    const client = {
      getSubscriptionInfo: jasmine
        .createSpy('getSubscriptionInfo')
        .and.returnValue({}),
      hasMasterKey: false,
    };
    const requestId = 0;

    parseLiveQueryServer
      ._matchesACL(acl, client, requestId)
      .then(function(isMatched) {
        expect(isMatched).toBe(false);
        done();
      });
  });
github parse-community / parse-server / spec / ParseAPI.spec.js View on Github external
it('test beforeSave set object acl success', function(done) {
    const acl = new Parse.ACL({
      '*': { read: true, write: false }
    });
    Parse.Cloud.beforeSave('BeforeSaveAddACL', function(req, res) {
      req.object.setACL(acl);
      res.success();
    });

    const obj = new Parse.Object('BeforeSaveAddACL');
    obj.set('lol', true);
    obj.save().then(function() {
      const query = new Parse.Query('BeforeSaveAddACL');
      query.get(obj.id).then(function(objAgain) {
        expect(objAgain.get('lol')).toBeTruthy();
        expect(objAgain.getACL().equals(acl));
        done();
      }, function(error) {
github parse-community / parse-server / spec / ParseLiveQueryServer.spec.js View on Github external
it('can match ACL with none exist requestId', function(done) {
    const parseLiveQueryServer = new ParseLiveQueryServer({});
    const acl = new Parse.ACL();
    const client = {
      getSubscriptionInfo: jasmine
        .createSpy('getSubscriptionInfo')
        .and.returnValue(undefined),
    };
    const requestId = 0;

    parseLiveQueryServer
      ._matchesACL(acl, client, requestId)
      .then(function(isMatched) {
        expect(isMatched).toBe(false);
        done();
      });
  });
github parse-community / parse-server / spec / CloudCode.spec.js View on Github external
const triggeruser3 = new Parse.User();
    triggeruser3.setUsername('triggeruser3');
    triggeruser3.setPassword('triggeruser3');
    await triggeruser3.signUp();

    const triggeruser4 = new Parse.User();
    triggeruser4.setUsername('triggeruser4');
    triggeruser4.setPassword('triggeruser4');
    await triggeruser4.signUp();

    const triggeruser5 = new Parse.User();
    triggeruser5.setUsername('triggeruser5');
    triggeruser5.setPassword('triggeruser5');
    await triggeruser5.signUp();

    const triggerroleacl = new Parse.ACL();
    triggerroleacl.setPublicReadAccess(true);

    const triggerrole = new Parse.Role();
    triggerrole.setName('triggerrole');
    triggerrole.setACL(triggerroleacl);
    triggerrole.getUsers().add(triggeruser);
    triggerrole.getUsers().add(triggeruser3);
    await triggerrole.save();

    const config = Config.get('test');
    const schema = await config.database.loadSchema();
    await schema.addClassIfNotExists(
      'triggerclass',
      {
        someField: { type: 'String' },
        pointerToUser: { type: 'Pointer', targetClass: '_User' },
github parse-community / parse-server / spec / CloudCode.spec.js View on Github external
sessionToken: triggeruser.getSessionToken(),
    });
    expect(called).toBe(2);
    await triggerobject.save(undefined, {
      sessionToken: triggeruser2.getSessionToken(),
    });
    expect(called).toBe(3);
    await triggerobject.save(undefined, {
      sessionToken: triggeruser3.getSessionToken(),
    });
    expect(called).toBe(4);

    const triggerobject2 = new Parse.Object('triggerclass');
    triggerobject2.set('someField', 'someValue');
    triggerobject2.set('someField22', 'someValue');
    const triggerobjectacl2 = new Parse.ACL();
    triggerobjectacl2.setPublicReadAccess(false);
    triggerobjectacl2.setPublicWriteAccess(false);
    triggerobjectacl2.setReadAccess(triggeruser.id, true);
    triggerobjectacl2.setWriteAccess(triggeruser.id, true);
    triggerobjectacl2.setReadAccess(triggeruser2.id, true);
    triggerobjectacl2.setWriteAccess(triggeruser2.id, true);
    triggerobjectacl2.setReadAccess(triggeruser5.id, true);
    triggerobjectacl2.setWriteAccess(triggeruser5.id, true);
    triggerobject2.setACL(triggerobjectacl2);

    await triggerobject2.save(undefined, {
      sessionToken: triggeruser2.getSessionToken(),
    });
    expect(called).toBe(5);
    await triggerobject2.save(undefined, {
      sessionToken: triggeruser2.getSessionToken(),
github parse-community / parse-server / spec / UserPII.spec.js View on Github external
beforeEach(async done => {
        const adminRole = await new Parse.Role(
          'Administrator',
          new Parse.ACL()
        ).save(null, { useMasterKey: true });

        const managementRole = new Parse.Role(
          'managementOf_user' + user.id,
          new Parse.ACL(user)
        );
        managementRole.getRoles().add(adminRole);
        await managementRole.save(null, { useMasterKey: true });

        const userACL = new Parse.ACL();
        userACL.setReadAccess(managementRole, true);
        await user.setACL(userACL).save(null, { useMasterKey: true });

        adminUser = await Parse.User.signUp('administrator', 'secure');
        adminUser = await Parse.User.logIn(adminUser.get('username'), 'secure');
        await adminRole
          .getUsers()
          .add(adminUser)
          .save(null, { useMasterKey: true });

        done();
      });
github bakery / pokemon-map / server / src / models / Pokemon.js View on Github external
resolve: (_, { text }, { Query, user }) => {
      const pokemon = new Query(Pokemon).create({ text });
      if (user) {
        pokemon.setACL(new Parse.ACL(user));
      }
      return pokemon.save().then(td => td);
    },
  },