joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Prevents _User lock out when setting ACL on signup or afterwards (#1429)

Browse Source
This commit is contained in:
Florent Vilmart
2016-04-08 13:19:41 -04:00
parent 30197a7d84
commit b433fb9b4e
2 changed files with 62 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/RestWrite.js
View File

@@ -716,6 +716,11 @@ RestWrite.prototype.runDatabaseOperation = function() {
}
if (this.query) {
// Force the user to not lockout
// Matched with parse.com
if (this.className === '_User' && this.data.ACL) {
this.data.ACL[this.query.objectId] = { read: true, write: true };
}
// Run an update
return this.config.database.update(
this.className, this.query, this.data, this.runOptions).then((resp) => {
@@ -732,10 +737,15 @@ RestWrite.prototype.runDatabaseOperation = function() {
});
} else {
// Set the default ACL for the new _User
if (!this.data.ACL && this.className === '_User') {
var ACL = {};
if (this.className === '_User') {
var ACL = this.data.ACL;
// default public r/w ACL
if (!ACL) {
ACL = {};
ACL['*'] = { read: true, write: false };
}
// make sure the user is not locked down
ACL[this.data.objectId] = { read: true, write: true };
ACL['*'] = { read: true, write: false };
this.data.ACL = ACL;
}