Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New: requireAnyUserRoles and requireAllUserRoles for Parse Cloud Validator #7097

Merged
merged 12 commits into from
Feb 12, 2021
Merged

New: requireAnyUserRoles and requireAllUserRoles for Parse Cloud Validator #7097

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
4c43697
new: requireUserRole for Parse Cloud Validator
dblythy Dec 26, 2020
8dc59b4
change to requireUserRoles
dblythy Jan 4, 2021
e4d276e
Update CHANGELOG.md
dblythy Jan 4, 2021
00389d1
Merge branch 'master' into roleBasedValidator
dblythy Jan 4, 2021
cba81dd
revoke triggers
dblythy Jan 4, 2021
5dc7b6f
Update triggers.js
dblythy Jan 5, 2021
b4a3005
Update ParseLiveQueryServer.js
dblythy Jan 31, 2021
e8112c5
Update ParseLiveQueryServer.js
dblythy Jan 31, 2021
00f2fd9
create requireUserRoles
dblythy Jan 31, 2021
3d390f5
Merge branch 'master' into roleBasedValidator
dblythy Feb 11, 2021
20e1cf4
rename to requireAny and requireAll
dblythy Feb 12, 2021
2fb7827
allow for a function
dblythy Feb 12, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,8 @@ ___
- IMPROVE: Parse Server will from now on be continuously tested against all relevant MongoDB versions (minor versions). Added MongoDB compatibility table to Parse Server docs. [7161](https://github.com/parse-community/parse-server/pull/7161). Thanks to [Manuel Trezza](https://github.com/mtrezza).
- IMPROVE: Optimize queries on classes with pointer permissions. [#7061](https://github.com/parse-community/parse-server/pull/7061). Thanks to [Pedro Diaz](https://github.com/pdiaz)
- FIX: request.context for afterFind triggers. [#7078](https://github.com/parse-community/parse-server/pull/7078). Thanks to [dblythy](https://github.com/dblythy)
- NEW: `requireAnyUserRoles` and `requireAllUserRoles` for Parse Cloud validator. [#7097](https://github.com/parse-community/parse-server/pull/7097). Thanks to [dblythy](https://github.com/dblythy)
- NEW: Added convenience method Parse.Cloud.sendEmail(...) to send email via email adapter in Cloud Code. [#7089](https://github.com/parse-community/parse-server/pull/7089). Thanks to [dblythy](https://github.com/dblythy)
- FIX: Winston Logger interpolating stdout to console [#7114](https://github.com/parse-community/parse-server/pull/7114). Thanks to [dplewis](https://github.com/dplewis)

### 4.5.0
Expand Down
144 changes: 144 additions & 0 deletions spec/CloudCode.Validator.spec.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -878,6 +878,150 @@ describe('cloud validator', () => {
});
});

it('basic validator requireAnyUserRoles', async function (done) {
Parse.Cloud.define(
'cloudFunction',
() => {
return true;
},
{
requireUser: true,
requireAnyUserRoles: ['Admin'],
}
);
const user = await Parse.User.signUp('testuser', 'p@ssword');
try {
await Parse.Cloud.run('cloudFunction');
fail('cloud validator should have failed.');
} catch (e) {
expect(e.message).toBe('Validation failed. User does not match the required roles.');
}
const roleACL = new Parse.ACL();
roleACL.setPublicReadAccess(true);
const role = new Parse.Role('Admin', roleACL);
role.getUsers().add(user);
await role.save({ useMasterKey: true });
await Parse.Cloud.run('cloudFunction');
done();
});

it('basic validator requireAllUserRoles', async function (done) {
Parse.Cloud.define(
'cloudFunction',
() => {
return true;
},
{
requireUser: true,
requireAllUserRoles: ['Admin', 'Admin2'],
}
);
const user = await Parse.User.signUp('testuser', 'p@ssword');
try {
await Parse.Cloud.run('cloudFunction');
fail('cloud validator should have failed.');
} catch (e) {
expect(e.message).toBe('Validation failed. User does not match all the required roles.');
}
const roleACL = new Parse.ACL();
roleACL.setPublicReadAccess(true);
const role = new Parse.Role('Admin', roleACL);
role.getUsers().add(user);

const role2 = new Parse.Role('Admin2', roleACL);
role2.getUsers().add(user);
await Promise.all([role.save({ useMasterKey: true }), role2.save({ useMasterKey: true })]);
await Parse.Cloud.run('cloudFunction');
done();
});

it('allow requireAnyUserRoles to be a function', async function (done) {
Parse.Cloud.define(
'cloudFunction',
() => {
return true;
},
{
requireUser: true,
requireAnyUserRoles: () => {
return ['Admin Func'];
},
}
);
const user = await Parse.User.signUp('testuser', 'p@ssword');
try {
await Parse.Cloud.run('cloudFunction');
fail('cloud validator should have failed.');
} catch (e) {
expect(e.message).toBe('Validation failed. User does not match the required roles.');
}
const roleACL = new Parse.ACL();
roleACL.setPublicReadAccess(true);
const role = new Parse.Role('Admin Func', roleACL);
role.getUsers().add(user);
await role.save({ useMasterKey: true });
await Parse.Cloud.run('cloudFunction');
done();
});

it('allow requireAllUserRoles to be a function', async function (done) {
Parse.Cloud.define(
'cloudFunction',
() => {
return true;
},
{
requireUser: true,
requireAllUserRoles: () => {
return ['AdminA', 'AdminB'];
},
}
);
const user = await Parse.User.signUp('testuser', 'p@ssword');
try {
await Parse.Cloud.run('cloudFunction');
fail('cloud validator should have failed.');
} catch (e) {
expect(e.message).toBe('Validation failed. User does not match all the required roles.');
}
const roleACL = new Parse.ACL();
roleACL.setPublicReadAccess(true);
const role = new Parse.Role('AdminA', roleACL);
role.getUsers().add(user);

const role2 = new Parse.Role('AdminB', roleACL);
role2.getUsers().add(user);
await Promise.all([role.save({ useMasterKey: true }), role2.save({ useMasterKey: true })]);
await Parse.Cloud.run('cloudFunction');
done();
});

it('basic requireAllUserRoles but no user', async function (done) {
Parse.Cloud.define(
'cloudFunction',
() => {
return true;
},
{
requireAllUserRoles: ['Admin'],
}
);
try {
await Parse.Cloud.run('cloudFunction');
fail('cloud validator should have failed.');
} catch (e) {
expect(e.message).toBe('Validation failed. Please login to continue.');
}
const user = await Parse.User.signUp('testuser', 'p@ssword');
const roleACL = new Parse.ACL();
roleACL.setPublicReadAccess(true);
const role = new Parse.Role('Admin', roleACL);
role.getUsers().add(user);
await role.save({ useMasterKey: true });
await Parse.Cloud.run('cloudFunction');
done();
});

it('basic beforeSave requireMaster', function (done) {
Parse.Cloud.beforeSave('BeforeSaveFail', () => {}, {
requireMaster: true,
Expand Down
Loading