Fix LiveQuery unsafe user (#3525)

* LiveQuery should not use unsafe user setting * server should issue queries with the master key
2017-02-18 16:36:20 -08:00
parent 58bdeeee2d
commit a520ea0243
3 changed files with 21 additions and 13 deletions
--- a/src/LiveQuery/ParseLiveQueryServer.js
+++ b/src/LiveQuery/ParseLiveQueryServer.js
@@ -37,7 +37,6 @@ class ParseLiveQueryServer {

    // Initialize Parse
    Parse.Object.disableSingleInstance();
-    Parse.User.enableUnsafeCurrentUser();

    const serverURL = config.serverURL || Parse.serverURL;
    Parse.serverURL = serverURL;
@@ -363,7 +362,7 @@ class ParseLiveQueryServer {
            // Then get the user's roles
          var rolesQuery = new Parse.Query(Parse.Role);
          rolesQuery.equalTo("users", user);
-          return rolesQuery.find();
+          return rolesQuery.find({useMasterKey:true});
        }).
        then((roles) => {