Support direct access server option (#5550)

* Support direct access config test options * add test * fix test * fix definitions * improve docs * Update .travis.yml * Revert "Update .travis.yml" This reverts commit 407f1384953b64bad9e63068db8564c3584ca3a4.
2019-05-10 14:34:19 -05:00
parent f15360cb12
commit b4d915bbbb
7 changed files with 34 additions and 7 deletions
--- a/src/Options/Definitions.js
+++ b/src/Options/Definitions.js
@@ -148,16 +148,16 @@ module.exports.ParseServerOptions = {
  userSensitiveFields: {
    env: 'PARSE_SERVER_USER_SENSITIVE_FIELDS',
    help:
-      'Personally identifiable information fields in the user table the should be removed for non-authorized users. **Deprecated** @see protectedFields',
+      'Personally identifiable information fields in the user table the should be removed for non-authorized users. Deprecated @see protectedFields',
    action: parsers.arrayParser,
    default: ['email'],
  },
  protectedFields: {
    env: 'PARSE_SERVER_PROTECTED_FIELDS',
    help:
-      'Personally identifiable information fields in the user table the should be removed for non-authorized users.',
+      'Protected fields that should be treated with extra security when fetching details.',
    action: parsers.objectParser,
-    default: { _User: { '*': ['email'] } },
+    default: [],
  },
  enableAnonymousUsers: {
    env: 'PARSE_SERVER_ENABLE_ANON_USERS',
@@ -280,6 +280,13 @@ module.exports.ParseServerOptions = {
    action: parsers.numberParser('cacheMaxSize'),
    default: 10000,
  },
+  directAccess: {
+    env: 'PARSE_SERVER_ENABLE_EXPERIMENTAL_DIRECT_ACCESS',
+    help:
+      'Replace HTTP Interface when using JS SDK in current node runtime, defaults to false. Caution, this is an experimental feature that may not be appropriate for production.',
+    action: parsers.booleanParser,
+    default: false,
+  },
  enableSingleSchemaCache: {
    env: 'PARSE_SERVER_ENABLE_SINGLE_SCHEMA_CACHE',
    help:
--- a/src/Options/docs.js
+++ b/src/Options/docs.js
@@ -28,7 +28,8 @@
 * @property {String} webhookKey Key sent with outgoing webhook calls
 * @property {String} fileKey Key for your files
 * @property {Boolean} preserveFileName Enable (or disable) the addition of a unique hash to the file names
- * @property {String[]} userSensitiveFields Personally identifiable information fields in the user table the should be removed for non-authorized users.
+ * @property {String[]} userSensitiveFields Personally identifiable information fields in the user table the should be removed for non-authorized users. Deprecated @see protectedFields
+ * @property {Any} protectedFields Protected fields that should be treated with extra security when fetching details.
 * @property {Boolean} enableAnonymousUsers Enable (or disable) anon users, defaults to true
 * @property {Boolean} allowClientClassCreation Enable (or disable) client class creation, defaults to true
 * @property {Any} auth Configuration for your authentication providers, as stringified JSON. See http://docs.parseplatform.org/parse-server/guide/#oauth-and-3rd-party-authentication
@@ -50,6 +51,7 @@
 * @property {Number} schemaCacheTTL The TTL for caching the schema for optimizing read/write operations. You should put a long TTL when your DB is in production. default to 5000; set 0 to disable.
 * @property {Number} cacheTTL Sets the TTL for the in memory cache (in ms), defaults to 5000 (5 seconds)
 * @property {Number} cacheMaxSize Sets the maximum size for the in memory cache, defaults to 10000
+ * @property {Boolean} directAccess Replace HTTP Interface when using JS SDK in current node runtime, defaults to false. Caution, this is an experimental feature that may not be appropriate for production.
 * @property {Boolean} enableSingleSchemaCache Use a single schema cache shared across requests. Reduces number of queries made to _SCHEMA, defaults to false, i.e. unique schema cache per request.
 * @property {Boolean} enableExpressErrorHandler Enables the default express error handler for all errors
 * @property {Number} objectIdSize Sets the number of characters in generated object id's, default 10
--- a/src/Options/index.js
+++ b/src/Options/index.js
@@ -145,6 +145,10 @@ export interface ParseServerOptions {
  /* Sets the maximum size for the in memory cache, defaults to 10000
  :DEFAULT: 10000 */
  cacheMaxSize: ?number;
+  /* Replace HTTP Interface when using JS SDK in current node runtime, defaults to false. Caution, this is an experimental feature that may not be appropriate for production.
+  :ENV: PARSE_SERVER_ENABLE_EXPERIMENTAL_DIRECT_ACCESS
+  :DEFAULT: false */
+  directAccess: ?boolean;
  /* Use a single schema cache shared across requests. Reduces number of queries made to _SCHEMA, defaults to false, i.e. unique schema cache per request.
  :DEFAULT: false */
  enableSingleSchemaCache: ?boolean;
--- a/src/ParseServer.js
+++ b/src/ParseServer.js
@@ -136,7 +136,7 @@ class ParseServer {
   * @static
   * Create an express app for the parse server
   * @param {Object} options let you specify the maxUploadSize when creating the express app  */
-  static app({ maxUploadSize = '20mb', appId }) {
+  static app({ maxUploadSize = '20mb', appId, directAccess }) {
    // This app serves the Parse API directly.
    // It's the equivalent of https://api.parse.com/1 in the hosted Parse API.
    var api = express();
@@ -193,7 +193,10 @@ class ParseServer {
        ParseServer.verifyServerUrl();
      });
    }
-    if (process.env.PARSE_SERVER_ENABLE_EXPERIMENTAL_DIRECT_ACCESS === '1') {
+    if (
+      process.env.PARSE_SERVER_ENABLE_EXPERIMENTAL_DIRECT_ACCESS === '1' ||
+      directAccess
+    ) {
      Parse.CoreManager.setRESTController(
        ParseServerRESTController(appId, appRouter)
      );