joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(Users): Makes sure verifying emails triggers hooks and liveQuery (#3851)

Browse Source 
* Use RestWrite when verifying emails so hooks are called (as master)

* Fixes tests for postgres

* nit

* Makes rest.update support a full where instead of objectId

* Use rest.update to guaranteed proper beforeSave and liveQuery calls
This commit is contained in:
Florent Vilmart
2017-05-28 20:34:49 -04:00
committed by GitHub
parent 73aafa2d24
commit c2abbae92d
7 changed files with 29 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
spec/ParseInstallation.spec.js
View File

@@ -339,11 +339,11 @@ describe('Installations', () => {
.then(() => database.adapter.find('_Installation', installationSchema, {}, {}))
.then(results => {
expect(results.length).toEqual(1);
var id = results[0].objectId;
var objectId = results[0].objectId;
var update = {
'channels': ['baz']
};
return rest.update(config, auth.nobody(config), '_Installation', id, update);
return rest.update(config, auth.nobody(config), '_Installation', { objectId }, update);
})
.then(() => database.adapter.find('_Installation', installationSchema, {}, {}))
.then(results => {
@@ -370,7 +370,7 @@ describe('Installations', () => {
.then(results => {
expect(results.length).toEqual(1);
input = { 'installationId': installId2 };
return rest.update(config, auth.nobody(config), '_Installation', results[0].objectId, input);
return rest.update(config, auth.nobody(config), '_Installation', { objectId: results[0].objectId }, input);
}).then(() => {
fail('Updating the installation should have failed.');
done();
@@ -393,7 +393,7 @@ describe('Installations', () => {
.then(results => {
expect(results.length).toEqual(1);
input = { 'deviceToken': b };
return rest.update(config, auth.nobody(config), '_Installation', results[0].objectId, input);
return rest.update(config, auth.nobody(config), '_Installation', { objectId: results[0].objectId }, input);
}).then(() => {
fail('Updating the installation should have failed.');
}).catch((error) => {
@@ -421,7 +421,7 @@ describe('Installations', () => {
'deviceToken': u,
'deviceType': 'ios'
};
return rest.update(config, auth.nobody(config), '_Installation', results[0].objectId, input);
return rest.update(config, auth.nobody(config), '_Installation', { objectId: results[0].objectId }, input);
})
.then(() => database.adapter.find('_Installation', installationSchema, {}, {}))
.then(results => {
@@ -448,7 +448,7 @@ describe('Installations', () => {
input = {
'deviceType': 'ios'
};
return rest.update(config, auth.nobody(config), '_Installation', results[0].objectId, input);
return rest.update(config, auth.nobody(config), '_Installation', { objectId: results[0].objectId }, input);
}).then(() => {
fail('Should not have been able to update Installation.');
done();
@@ -472,7 +472,7 @@ describe('Installations', () => {
input = {
'custom': 'allowed'
};
return rest.update(config, auth.nobody(config), '_Installation', results[0].objectId, input);
return rest.update(config, auth.nobody(config), '_Installation', { objectId: results[0].objectId }, input);
})
.then(() => database.adapter.find('_Installation', installationSchema, {}, {}))
.then(results => {
@@ -514,7 +514,7 @@ describe('Installations', () => {
'objectId': secondObject.objectId,
'deviceToken': t
};
return rest.update(config, auth.nobody(config), '_Installation', secondObject.objectId, input);
return rest.update(config, auth.nobody(config), '_Installation', { objectId: secondObject.objectId }, input);
})
.then(() => database.adapter.find('_Installation', installationSchema, {objectId: firstObject.objectId}, {}))
.then(results => {
@@ -562,7 +562,7 @@ describe('Installations', () => {
'installationId': installId2,
'deviceToken': t
};
return rest.update(config, auth.nobody(config), '_Installation', secondObject.objectId, input);
return rest.update(config, auth.nobody(config), '_Installation', { objectId: secondObject.objectId }, input);
})
.then(() => delay(100))
.then(() => database.adapter.find('_Installation', installationSchema, {objectId: firstObject.objectId}, {}))
@@ -619,7 +619,7 @@ describe('Installations', () => {
'deviceToken': t,
'channels': []
};
return rest.update(config, auth.nobody(config), '_Installation', results[0].objectId, input);
return rest.update(config, auth.nobody(config), '_Installation', { objectId: results[0].objectId }, input);
})
.then(() => database.adapter.find('_Installation', installationSchema, {}, {}))
.then(results => {
@@ -657,7 +657,7 @@ describe('Installations', () => {
'installationId': installId,
'deviceType': 'ios'
};
return rest.update(config, auth.nobody(config), '_Installation', results[0].objectId, input);
return rest.update(config, auth.nobody(config), '_Installation', { objectId: results[0].objectId }, input);
})
.then(() => database.adapter.find('_Installation', installationSchema, {}, {}))
.then(results => {
@@ -699,7 +699,7 @@ describe('Installations', () => {
'amount': 1
}
};
return rest.update(config, auth.nobody(config), '_Installation', results[0].objectId, input);
return rest.update(config, auth.nobody(config), '_Installation', { objectId: results[0].objectId }, input);
})
.then(() => database.adapter.find('_Installation', installationSchema, {}, {}))
.then(results => {
@@ -744,7 +744,7 @@ describe('Installations', () => {
'deviceToken': t,
'deviceType': 'ios'
};
return rest.update(config, auth.nobody(config), '_Installation', installObj.objectId, input);
return rest.update(config, auth.nobody(config), '_Installation', { objectId: installObj.objectId }, input);
})
.then(() => database.adapter.find('_Installation', installationSchema, { objectId: tokenObj.objectId }, {}))
.then(results => {
@@ -791,7 +791,7 @@ describe('Installations', () => {
'amount': 1
}
};
return rest.update(config, auth.nobody(config), '_Installation', installObj.objectId, input);
return rest.update(config, auth.nobody(config), '_Installation', { objectId: installObj.objectId }, input);
})
.then(() => database.adapter.find('_Installation', installationSchema, { objectId: tokenObj.objectId }, {}))
.then(results => {

6
spec/rest.spec.js
View File

@@ -64,7 +64,7 @@ describe('rest create', () => {
expect(mob.subdoc.wu).toBe('tan');
expect(typeof mob.objectId).toEqual('string');
const obj = { 'subdoc.wu': 'clan' };
return rest.update(config, auth.nobody(config), 'MyClass', mob.objectId, obj)
return rest.update(config, auth.nobody(config), 'MyClass', { objectId: mob.objectId }, obj)
})
.then(() => database.adapter.find('MyClass', { fields: {} }, {}, {}))
.then(results => {
@@ -195,7 +195,7 @@ describe('rest create', () => {
objectId = r.response.objectId;
return auth.getAuthForSessionToken({config, sessionToken: r.response.sessionToken })
}).then((sessionAuth) => {
return rest.update(config, sessionAuth, '_User', objectId, updatedData);
return rest.update(config, sessionAuth, '_User', { objectId }, updatedData);
}).then(() => {
return Parse.User.logOut().then(() => {
return Parse.User.logIn('hello', 'world');
@@ -435,7 +435,7 @@ describe('rest update', () => {
createdAt: {__type: "Date", iso: newCreatedAt}, // should be ignored
};
return rest.update(config, nobody, className, objectId, restObject).then(() => {
return rest.update(config, nobody, className, { objectId }, restObject).then(() => {
const restWhere = {
objectId: objectId,
};

3
src/Adapters/Storage/Postgres/PostgresStorageAdapter.js
View File

@@ -58,7 +58,8 @@ const toPostgresValue = value => {
}
const transformValue = value => {
if (value.__type === 'Pointer') {
if (typeof value === 'object' &&
value.__type === 'Pointer') {
return value.objectId;
}
return value;

11
src/Controllers/UserController.js
View File

@@ -59,18 +59,13 @@ export class UserController extends AdaptableController {
updateFields._email_verify_token_expires_at = {__op: 'Delete'};
}
const masterAuth = Auth.master(this.config);
var checkIfAlreadyVerified = new RestQuery(this.config, Auth.master(this.config), '_User', {username: username, emailVerified: true});
return checkIfAlreadyVerified.execute().then(result => {
if (result.results.length) {
return Promise.resolve(result.results.length[0]);
}
return this.config.database.update('_User', query, updateFields).then((document) => {
if (!document) {
throw undefined
}
return Promise.resolve(document);
})
return rest.update(this.config, masterAuth, '_User', query, updateFields);
});
}
@@ -229,7 +224,7 @@ export class UserController extends AdaptableController {
// Mark this private
function updateUserPassword(userId, password, config) {
return rest.update(config, Auth.master(config), '_User', userId, {
return rest.update(config, Auth.master(config), '_User', { objectId: userId }, {
password: password
});
}

3
src/RestWrite.js
View File

@@ -360,7 +360,8 @@ RestWrite.prototype.transformUser = function() {
throw new Parse.Error(Parse.Error.OPERATION_FORBIDDEN, error);
}
if (this.query) {
// Do not cleanup session if objectId is not set
if (this.query && this.objectId()) {
// If we're updating a _User object, we need to clear out the cache for that user. Find all their
// session tokens, and remove them from the cache.
promise = new RestQuery(this.config, Auth.master(this.config), '_Session', {

3
src/Routers/ClassesRouter.js
View File

@@ -103,7 +103,8 @@ export class ClassesRouter extends PromiseRouter {
}
handleUpdate(req) {
return rest.update(req.config, req.auth, req.params.className, req.params.objectId, req.body, req.info.clientSDK);
const where = { objectId: req.params.objectId }
return rest.update(req.config, req.auth, req.params.className, where, req.body, req.info.clientSDK);
}
handleDelete(req) {

6
src/rest.js
View File

@@ -113,14 +113,14 @@ function create(config, auth, className, restObject, clientSDK) {
// Returns a promise that contains the fields of the update that the
// REST API is supposed to return.
// Usually, this is just updatedAt.
function update(config, auth, className, objectId, restObject, clientSDK) {
function update(config, auth, className, restWhere, restObject, clientSDK) {
enforceRoleSecurity('update', className, auth);
return Promise.resolve().then(() => {
const hasTriggers = checkTriggers(className, config, ['beforeSave', 'afterSave']);
const hasLiveQuery = checkLiveQuery(className, config);
if (hasTriggers || hasLiveQuery) {
return find(config, Auth.master(config), className, {objectId: objectId});
return find(config, Auth.master(config), className, restWhere);
}
return Promise.resolve({});
}).then((response) => {
@@ -129,7 +129,7 @@ function update(config, auth, className, objectId, restObject, clientSDK) {
originalRestObject = response.results[0];
}
var write = new RestWrite(config, auth, className, {objectId: objectId}, restObject, originalRestObject, clientSDK);
var write = new RestWrite(config, auth, className, restWhere, restObject, originalRestObject, clientSDK);
return write.execute();
});
}