feat: Add Parse Server option allowPublicExplain to allow Parse.Query.explain without master key (#9890)

src/Security/CheckGroups/CheckGroupServerConfig.js

@@ -90,6 +90,21 @@ class CheckGroupServerConfig extends CheckGroup {
           }
         },
       }),
+      new Check({
+        title: 'Public database explain disabled',
+        warning:
+          'Database explain queries are publicly accessible, which may expose sensitive database performance information and schema details.',
+        solution:
+          "Change Parse Server configuration to 'databaseOptions.allowPublicExplain: false'. You will need to use master key to run explain queries.",
+        check: () => {
+          if (
+            config.databaseOptions?.allowPublicExplain === true ||
+            config.databaseOptions?.allowPublicExplain == null
+          ) {
+            throw 1;
+          }
+        },
+      }),
     ];
   }
 }