From d768211ab951e2389339c773de2270b2ff3ba980 Mon Sep 17 00:00:00 2001
From: AreyouHappy <ssin_7769@naver.com>
Date: Sun, 11 Mar 2018 00:07:31 +0900
Subject: [PATCH] fix purge command issue affecting readonly masterKey (#4619)
 (#4621)

---
 src/Routers/PurgeRouter.js | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/Routers/PurgeRouter.js b/src/Routers/PurgeRouter.js
index 96dd3bf4..8c2a340d 100644
--- a/src/Routers/PurgeRouter.js
+++ b/src/Routers/PurgeRouter.js
@@ -4,6 +4,9 @@ import * as middleware from '../middlewares';
 export class PurgeRouter extends PromiseRouter {
 
   handlePurge(req) {
+    if (req.auth.isReadOnly) {
+      throw new Parse.Error(Parse.Error.OPERATION_FORBIDDEN, 'read-only masterKey isn\'t allowed to purge a schema.');
+    }
     return req.config.database.purgeCollection(req.params.className)
       .then(() => {
         var cacheAdapter = req.config.cacheController;