"Object not found." instead of "Insufficient auth." when using master key (#5133)

* add additional isMaster check

* adding some tests

* nits

* covering all basis

spec/ParseUser.spec.js

@@ -3314,7 +3314,9 @@ describe('Parse.User testing', () => {
         done();
       });
     });
-  }).pend('this test fails.  See: https://github.com/parse-community/parse-server/issues/5097');
+  }).pend(
+    'this test fails.  See: https://github.com/parse-community/parse-server/issues/5097'
+  );
 
   it('should be able to update user with authData passed', done => {
     let objectId;
@@ -3686,6 +3688,35 @@ describe('Parse.User testing', () => {
       .then(done, done.fail);
   });
 
+  it('should throw OBJECT_NOT_FOUND instead of SESSION_MISSING when using masterKey', async () => {
+    // create a fake user (just so we simulate an object not found)
+    const non_existent_user = Parse.User.createWithoutData('fake_id');
+    try {
+      await non_existent_user.destroy({ useMasterKey: true });
+      throw '';
+    } catch (e) {
+      expect(e.code).toBe(Parse.Error.OBJECT_NOT_FOUND);
+    }
+    try {
+      await non_existent_user.save({}, { useMasterKey: true });
+      throw '';
+    } catch (e) {
+      expect(e.code).toBe(Parse.Error.OBJECT_NOT_FOUND);
+    }
+    try {
+      await non_existent_user.save();
+      throw '';
+    } catch (e) {
+      expect(e.code).toBe(Parse.Error.SESSION_MISSING);
+    }
+    try {
+      await non_existent_user.destroy();
+      throw '';
+    } catch (e) {
+      expect(e.code).toBe(Parse.Error.SESSION_MISSING);
+    }
+  });
+
   describe('issue #4897', () => {
     it_only_db('mongo')(
       'should be able to login with a legacy user (no ACL)',