joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Always return default public permissions

Browse Source
This commit is contained in:
Florent Vilmart
2016-03-10 23:01:45 -05:00
parent 16e3529c96
commit c935ed8364
2 changed files with 63 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
spec/schemas.spec.js
View File

@@ -23,6 +23,27 @@ var hasAllPODobject = () => {
return obj; return obj;
}; };
let defaultClassLevelPermissions = {
find: {
'*': true
},
create: {
'*': true
},
get: {
'*': true
},
update: {
'*': true
},
addField: {
'*': true
},
delete: {
'*': true
}
}
var plainOldDataSchema = { var plainOldDataSchema = {
className: 'HasAllPOD', className: 'HasAllPOD',
fields: { fields: {
@@ -40,7 +61,8 @@ var plainOldDataSchema = {
aArray: {type: 'Array'}, aArray: {type: 'Array'},
aGeoPoint: {type: 'GeoPoint'}, aGeoPoint: {type: 'GeoPoint'},
aFile: {type: 'File'} aFile: {type: 'File'}
} },
classLevelPermissions: defaultClassLevelPermissions
}; };
var pointersAndRelationsSchema = { var pointersAndRelationsSchema = {
@@ -61,6 +83,7 @@ var pointersAndRelationsSchema = {
targetClass: 'HasAllPOD', targetClass: 'HasAllPOD',
}, },
}, },
classLevelPermissions: defaultClassLevelPermissions
} }
var noAuthHeaders = { var noAuthHeaders = {
@@ -296,7 +319,8 @@ describe('schemas', () => {
objectId: {type: 'String'}, objectId: {type: 'String'},
foo: {type: 'Number'}, foo: {type: 'Number'},
ptr: {type: 'Pointer', targetClass: 'SomeClass'}, ptr: {type: 'Pointer', targetClass: 'SomeClass'},
} },
classLevelPermissions: defaultClassLevelPermissions
}); });
done(); done();
}); });
@@ -318,7 +342,8 @@ describe('schemas', () => {
createdAt: {type: 'Date'}, createdAt: {type: 'Date'},
updatedAt: {type: 'Date'}, updatedAt: {type: 'Date'},
objectId: {type: 'String'}, objectId: {type: 'String'},
} },
classLevelPermissions: defaultClassLevelPermissions
}); });
done(); done();
}); });
@@ -490,7 +515,8 @@ describe('schemas', () => {
"objectId": {"type": "String"}, "objectId": {"type": "String"},
"updatedAt": {"type": "Date"}, "updatedAt": {"type": "Date"},
"geo2": {"type": "GeoPoint"}, "geo2": {"type": "GeoPoint"},
} },
classLevelPermissions: defaultClassLevelPermissions
})).toEqual(undefined); })).toEqual(undefined);
done(); done();
}); });
@@ -539,6 +565,7 @@ describe('schemas', () => {
"updatedAt": {"type": "Date"}, "updatedAt": {"type": "Date"},
"newField": {"type": "String"}, "newField": {"type": "String"},
}, },
classLevelPermissions: defaultClassLevelPermissions
})).toEqual(undefined); })).toEqual(undefined);
request.get({ request.get({
url: 'http://localhost:8378/1/schemas/NewClass', url: 'http://localhost:8378/1/schemas/NewClass',
@@ -553,7 +580,8 @@ describe('schemas', () => {
updatedAt: {type: 'Date'}, updatedAt: {type: 'Date'},
objectId: {type: 'String'}, objectId: {type: 'String'},
newField: {type: 'String'}, newField: {type: 'String'},
} },
classLevelPermissions: defaultClassLevelPermissions
}); });
done(); done();
}); });
@@ -590,7 +618,8 @@ describe('schemas', () => {
emailVerified: {type: 'Boolean'}, emailVerified: {type: 'Boolean'},
newField: {type: 'String'}, newField: {type: 'String'},
ACL: {type: 'ACL'} ACL: {type: 'ACL'}
} },
classLevelPermissions: defaultClassLevelPermissions
}); });
request.get({ request.get({
url: 'http://localhost:8378/1/schemas/_User', url: 'http://localhost:8378/1/schemas/_User',
@@ -610,7 +639,8 @@ describe('schemas', () => {
emailVerified: {type: 'Boolean'}, emailVerified: {type: 'Boolean'},
newField: {type: 'String'}, newField: {type: 'String'},
ACL: {type: 'ACL'} ACL: {type: 'ACL'}
} },
classLevelPermissions: defaultClassLevelPermissions
}); });
done(); done();
}); });
@@ -656,7 +686,8 @@ describe('schemas', () => {
aNewString: {type: 'String'}, aNewString: {type: 'String'},
aNewPointer: {type: 'Pointer', targetClass: 'HasAllPOD'}, aNewPointer: {type: 'Pointer', targetClass: 'HasAllPOD'},
aNewRelation: {type: 'Relation', targetClass: 'HasAllPOD'}, aNewRelation: {type: 'Relation', targetClass: 'HasAllPOD'},
} },
classLevelPermissions: defaultClassLevelPermissions
}); });
var obj2 = new Parse.Object('HasAllPOD'); var obj2 = new Parse.Object('HasAllPOD');
obj2.set('aNewPointer', obj1); obj2.set('aNewPointer', obj1);
@@ -902,6 +933,18 @@ describe('schemas', () => {
}, },
create: { create: {
'role:admin': true 'role:admin': true
},
get: {
'*': true
},
update: {
'*': true
},
addField: {
'*': true
},
delete: {
'*': true
} }
}); });
done(); done();

14
src/Schema.js
View File

@@ -96,6 +96,13 @@ function verifyPermissionKey(key) {
} }
let CLPValidKeys = ['find', 'get', 'create', 'update', 'delete', 'addField']; let CLPValidKeys = ['find', 'get', 'create', 'update', 'delete', 'addField'];
let DefaultClassLevelPermissions = CLPValidKeys.reduce((perms, key) => {
perms[key] = {
'*': true
};
return perms;
}, {});
function validateCLP(perms) { function validateCLP(perms) {
if (!perms) { if (!perms) {
return; return;
@@ -879,9 +886,12 @@ function mongoSchemaToSchemaAPIResponse(schema) {
className: schema._id, className: schema._id,
fields: mongoSchemaAPIResponseFields(schema), fields: mongoSchemaAPIResponseFields(schema),
}; };
let classLevelPermissions = DefaultClassLevelPermissions;
if (schema._metadata && schema._metadata.class_permissions) { if (schema._metadata && schema._metadata.class_permissions) {
result.classLevelPermissions = schema._metadata.class_permissions; classLevelPermissions = Object.assign(classLevelPermissions, schema._metadata.class_permissions);
} }
result.classLevelPermissions = classLevelPermissions;
return result; return result;
} }