"Object not found." instead of "Insufficient auth." when using master key (#5133)

* add additional isMaster check * adding some tests * nits * covering all basis
2018-10-23 02:33:43 +03:00
parent de79b70cbc
commit 961abda4eb
2 changed files with 38 additions and 3 deletions
--- a/src/rest.js
+++ b/src/rest.js
@@ -250,9 +250,13 @@ function update(config, auth, className, restWhere, restObject, clientSDK) {
    });
 }

-function handleSessionMissingError(error, className) {
+function handleSessionMissingError(error, className, auth) {
  // If we're trying to update a user without / with bad session token
-  if (className === '_User' && error.code === Parse.Error.OBJECT_NOT_FOUND) {
+  if (
+    className === '_User' &&
+    error.code === Parse.Error.OBJECT_NOT_FOUND &&
+    !auth.isMaster
+  ) {
    throw new Parse.Error(Parse.Error.SESSION_MISSING, 'Insufficient auth.');
  }
  throw error;