Adds fix for issue affecting update with CLP (#5269)

* Adds fix for issue affecting update with CLP

* Disable single instance

spec/ParseUser.spec.js

@@ -834,7 +834,6 @@ describe('Parse.User testing', () => {
       query.get(user.id).then(freshUser => {
         equal(freshUser.id, user.id);
         equal(freshUser.get('username'), 'alice');
-        Parse.Object.enableSingleInstance();
         done();
       });
     });
@@ -860,7 +859,6 @@ describe('Parse.User testing', () => {
         equal(freshUser.id, user.id);
         // Should be alice, but it depends on batch support.
         equal(freshUser.get('username'), 'bob');
-        Parse.Object.enableSingleInstance();
         done();
       });
     });
@@ -1275,14 +1273,12 @@ describe('Parse.User testing', () => {
   });
 
   it('returns authData when authed and logged in with provider (regression test for #1498)', async done => {
-    Parse.Object.enableSingleInstance();
     const provider = getMockFacebookProvider();
     Parse.User._registerAuthenticationProvider(provider);
     const user = await Parse.User._logInWith('facebook');
     const userQuery = new Parse.Query(Parse.User);
     userQuery.get(user.id).then(user => {
       expect(user.get('authData')).not.toBeUndefined();
-      Parse.Object.disableSingleInstance();
       done();
     });
   });

spec/Schema.spec.js

@@ -1066,7 +1066,6 @@ describe('SchemaController', () => {
           .then(obj2reloaded => {
             expect(obj2reloaded.get('aString')).toEqual(undefined);
             done();
-            Parse.Object.enableSingleInstance();
           });
       })
       .catch(error => {
@@ -1100,7 +1099,6 @@ describe('SchemaController', () => {
       .then(obj1 => {
         expect(obj1.get('aPointer')).toEqual('Now a string');
         done();
-        Parse.Object.enableSingleInstance();
       });
   });
 

spec/schemas.spec.js

@@ -2043,6 +2043,23 @@ describe('schemas', () => {
       .catch(done.fail);
   });
 
+  it('regression test for #5177', async () => {
+    Parse.Object.disableSingleInstance();
+    Parse.Cloud.beforeSave('AClass', () => {});
+    await setPermissionsOnClass(
+      'AClass',
+      {
+        update: { '*': true },
+      },
+      false
+    );
+    const obj = new Parse.Object('AClass');
+    await obj.save({ key: 1 }, { useMasterKey: true });
+    obj.increment('key', 10);
+    const objectAgain = await obj.save();
+    expect(objectAgain.get('key')).toBe(11);
+  });
+
   it('regression test for #2246', done => {
     const profile = new Parse.Object('UserProfile');
     const user = new Parse.User();

src/Controllers/DatabaseController.js

@@ -1141,7 +1141,6 @@ class DatabaseController {
       distinct,
       pipeline,
       readPreference,
-      isWrite,
     }: any = {}
   ): Promise<any> {
     const isMaster = acl === undefined;
@@ -1217,7 +1216,7 @@ class DatabaseController {
                 );
               }
               if (!query) {
-                if (op == 'get') {
+                if (op === 'get') {
                   throw new Parse.Error(
                     Parse.Error.OBJECT_NOT_FOUND,
                     'Object not found.'
@@ -1227,7 +1226,7 @@ class DatabaseController {
                 }
               }
               if (!isMaster) {
-                if (isWrite) {
+                if (op === 'update' || op === 'delete') {
                   query = addWriteACL(query, aclGroup);
                 } else {
                   query = addReadACL(query, aclGroup);

src/RestQuery.js

@@ -30,7 +30,6 @@ function RestQuery(
   this.clientSDK = clientSDK;
   this.response = null;
   this.findOptions = {};
-  this.isWrite = false;
 
   if (!this.auth.isMaster) {
     if (this.className == '_Session') {
@@ -259,12 +258,6 @@ RestQuery.prototype.buildRestWhere = function() {
     });
 };
 
-// Marks the query for a write attempt, so we read the proper ACL (write instead of read)
-RestQuery.prototype.forWrite = function() {
-  this.isWrite = true;
-  return this;
-};
-
 // Uses the Auth object to get the list of roles, adds the user id
 RestQuery.prototype.getUserAndRoleACL = function() {
   if (this.auth.isMaster) {
@@ -647,9 +640,6 @@ RestQuery.prototype.runFind = function(options = {}) {
   if (options.op) {
     findOptions.op = options.op;
   }
-  if (this.isWrite) {
-    findOptions.isWrite = true;
-  }
   return this.config.database
     .find(this.className, this.restWhere, findOptions)
     .then(results => {

src/rest.js

@@ -112,7 +112,6 @@ function del(config, auth, className, objectId) {
       const hasLiveQuery = checkLiveQuery(className, config);
       if (hasTriggers || hasLiveQuery || className == '_Session') {
         return new RestQuery(config, auth, className, { objectId })
-          .forWrite()
           .execute({ op: 'delete' })
           .then(response => {
             if (response && response.results && response.results.length) {
@@ -224,9 +223,9 @@ function update(config, auth, className, restWhere, restObject, clientSDK) {
       const hasLiveQuery = checkLiveQuery(className, config);
       if (hasTriggers || hasLiveQuery) {
         // Do not use find, as it runs the before finds
-        return new RestQuery(config, auth, className, restWhere)
+        return new RestQuery(config, auth, className, restWhere).execute({
-          .forWrite()
+          op: 'update',
-          .execute();
+        });
       }
       return Promise.resolve({});
     })