Propagate installationId in all Cloud Code triggers.

src/Auth.js

@@ -7,10 +7,11 @@ import cache from './cache';
 // An Auth object tells you who is requesting something and whether
 // the master key was used.
 // userObject is a Parse.User and can be null if there's no user.
-function Auth(config, isMaster, userObject) {
+function Auth({ config, isMaster = false, user, installationId } = {}) {
   this.config = config;
+  this.installationId = installationId;
   this.isMaster = isMaster;
-  this.user = userObject;
+  this.user = user;
 
   // Assuming a users roles won't change during a single request, we'll
   // only load them once.
@@ -33,19 +34,19 @@ Auth.prototype.couldUpdateUserId = function(userId) {
 
 // A helper to get a master-level Auth object
 function master(config) {
-  return new Auth(config, true, null);
+  return new Auth({ config, isMaster: true });
 }
 
 // A helper to get a nobody-level Auth object
 function nobody(config) {
-  return new Auth(config, false, null);
+  return new Auth({ config, isMaster: false });
 }
 
 // Returns a promise that resolves to an Auth object
-var getAuthForSessionToken = function(config, sessionToken) {
+var getAuthForSessionToken = function({ config, sessionToken, installationId } = {}) {
   var cachedUser = cache.users.get(sessionToken);
   if (cachedUser) {
-    return Promise.resolve(new Auth(config, false, cachedUser));
+    return Promise.resolve(new Auth({ config, isMaster: false, installationId, user: cachedUser }));
   }
   var restOptions = {
     limit: 1,
@@ -67,7 +68,7 @@ var getAuthForSessionToken = function(config, sessionToken) {
     obj['sessionToken'] = sessionToken;
     let userObject = Parse.Object.fromJSON(obj);
     cache.users.set(sessionToken, userObject);
-    return new Auth(config, false, userObject);
+    return new Auth({ config, isMaster: false, installationId, user: userObject });
   });
 };
 

src/Controllers/UserController.js

@@ -22,23 +22,22 @@ export class UserController extends AdaptableController {
     }
     super.validateAdapter(adapter);
   }
-  
+
   expectedAdapterType() {
     return MailAdapter;
   }
-  
+
   get shouldVerifyEmails() {
     return this.options.verifyUserEmails;
   }
-  
+
   setEmailVerifyToken(user) {
     if (this.shouldVerifyEmails) {
       user._email_verify_token = randomString(25);
       user.emailVerified = false;
     }
   }
-  
-  
+
   verifyEmail(username, token) {
     if (!this.shouldVerifyEmails) {
       // Trying to verify email when not enabled
@@ -62,7 +61,7 @@ export class UserController extends AdaptableController {
         return document;
       });
   }
-  
+
   checkResetTokenValidity(username, token) {
     return this.config.database.adaptiveCollection('_User')
       .then(collection => {
@@ -78,7 +77,7 @@ export class UserController extends AdaptableController {
         return results[0];
       });
   }
-  
+
   getUserIfNeeded(user) {
     if (user.username && user.email) {
       return Promise.resolve(user);
@@ -90,7 +89,7 @@ export class UserController extends AdaptableController {
     if (user.email) {
       where.email = user.email;
     }
-    
+
     var query = new RestQuery(this.config, Auth.master(this.config), '_User', where);
     return query.execute().then(function(result){
       if (result.results.length != 1) {
@@ -99,7 +98,7 @@ export class UserController extends AdaptableController {
       return result.results[0];
     })
   }
-  
+
 
   sendVerificationEmail(user) {
     if (!this.shouldVerifyEmails) {
@@ -122,7 +121,7 @@ export class UserController extends AdaptableController {
       }
     });
   }
-  
+
   setPasswordResetToken(email) {
     let token = randomString(25);
     return this.config.database
@@ -142,11 +141,11 @@ export class UserController extends AdaptableController {
       //  TODO: No adapter?
       return;
     }
-    
+
     return this.setPasswordResetToken(email).then((user) => {
 
       const token = encodeURIComponent(user._perishable_token);
-      const username = encodeURIComponent(user.username);    
+      const username = encodeURIComponent(user.username);
       let link = `${this.config.requestResetPasswordURL}?token=${token}&username=${username}`
 
       let options = {
@@ -154,7 +153,7 @@ export class UserController extends AdaptableController {
         link: link,
         user: inflate('_User', user),
       };
-      
+
       if (this.adapter.sendPasswordResetEmail) {
         this.adapter.sendPasswordResetEmail(options);
       } else {
@@ -164,13 +163,13 @@ export class UserController extends AdaptableController {
       return Promise.resolve(user);
     });
   }
-  
+
   updatePassword(username, token, password, config) {
    return this.checkResetTokenValidity(username, token).then(() => {
      return updateUserPassword(username, token, password, this.config);
    });
   }
-  
+
   defaultVerificationEmail({link, user, appName, }) {
     let text = "Hi,\n\n" +
 	      "You are being asked to confirm the e-mail address " + user.email + " with " + appName + "\n\n" +
@@ -180,9 +179,9 @@ export class UserController extends AdaptableController {
     let subject = 'Please verify your e-mail for ' + appName;
     return { text, to, subject };
   }
-  
+
   defaultResetPasswordEmail({link, user, appName, }) {
-    let text = "Hi,\n\n" + 
+    let text = "Hi,\n\n" +
         "You requested to reset your password for " + appName + ".\n\n" +
         "" +
         "Click here to reset it:\n" + link;
@@ -193,9 +192,9 @@ export class UserController extends AdaptableController {
 }
 
 // Mark this private
-function updateUserPassword(username, token, password, config) { 
+function updateUserPassword(username, token, password, config) {
     var write = new RestWrite(config, Auth.master(config), '_User', {
-            username: username, 
+            username: username,
             _perishable_token: token
           }, {password: password, _perishable_token: null }, undefined);
     return write.execute();

src/middlewares.js

@@ -89,7 +89,7 @@ function handleParseHeaders(req, res, next) {
   var isMaster = (info.masterKey === req.config.masterKey);
 
   if (isMaster) {
-    req.auth = new auth.Auth(req.config, true);
+    req.auth = new auth.Auth({ config: req.config, installationId: info.installationId, isMaster: true });
     next();
     return;
   }
@@ -114,23 +114,23 @@ function handleParseHeaders(req, res, next) {
   }
 
   if (!info.sessionToken) {
-    req.auth = new auth.Auth(req.config, false);
+    req.auth = new auth.Auth({ config: req.config, installationId: info.installationId, isMaster: false });
     next();
     return;
   }
 
-  return auth.getAuthForSessionToken(
-    req.config, info.sessionToken).then((auth) => {
+  return auth.getAuthForSessionToken({ config: req.config, installationId: info.installationId, sessionToken: info.sessionToken })
+    .then((auth) => {
       if (auth) {
         req.auth = auth;
         next();
       }
-    }).catch((error) => {
+    })
+    .catch((error) => {
       // TODO: Determine the correct error scenario.
       console.log(error);
       throw new Parse.Error(Parse.Error.UNKNOWN_ERROR, error);
     });
-
 }
 
 var allowCrossDomain = function(req, res, next) {

src/triggers.js

@@ -110,12 +110,11 @@ export function getRequestObject(triggerType, auth, parseObject, originalParseOb
   if (auth.user) {
     request['user'] = auth.user;
   }
-  // TODO: Add installation to Auth?
   if (auth.installationId) {
     request['installationId'] = auth.installationId;
   }
   return request;
-};
+}
 
 // Creates the response object, and uses the request object to pass data
 // The API will call this with REST API formatted objects, this will