joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adds count class level permission (#3814)

Browse Source 
* Adds count class level permission

* fixup! Adds count class level permission

* Adds missing count property on beforeFind request object

* nits
This commit is contained in:
Florent Vilmart
2017-05-14 21:47:30 -04:00
committed by GitHub
parent d71683a7e2
commit 691cf5988a
5 changed files with 75 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/Controllers/DatabaseController.js
View File

@@ -744,6 +744,9 @@ DatabaseController.prototype.find = function(className, query, {
const isMaster = acl === undefined;
const aclGroup = acl || [];
op = op || (typeof query.objectId == 'string' && Object.keys(query).length === 1 ? 'get' : 'find');
// Count operation if counting
op = (count === true ? 'count' : op);
let classExists = true;
return this.loadSchema()
.then(schemaController => {

4
src/Controllers/SchemaController.js
View File

@@ -137,7 +137,7 @@ function verifyPermissionKey(key) {
}
}
const CLPValidKeys = Object.freeze(['find', 'get', 'create', 'update', 'delete', 'addField', 'readUserFields', 'writeUserFields']);
const CLPValidKeys = Object.freeze(['find', 'count', 'get', 'create', 'update', 'delete', 'addField', 'readUserFields', 'writeUserFields']);
function validateCLP(perms, fields) {
if (!perms) {
return;
@@ -820,7 +820,7 @@ export default class SchemaController {
// No matching CLP, let's check the Pointer permissions
// And handle those later
const permissionField = ['get', 'find'].indexOf(operation) > -1 ? 'readUserFields' : 'writeUserFields';
const permissionField = ['get', 'find', 'count'].indexOf(operation) > -1 ? 'readUserFields' : 'writeUserFields';
// Reject create when write lockdown
if (permissionField == 'writeUserFields' && operation == 'create') {