Skip to content

Objects with RoleACL result in (Object not Found) when updating. #520

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
polo2244 opened this issue Feb 19, 2016 · 3 comments
Closed

Objects with RoleACL result in (Object not Found) when updating. #520

polo2244 opened this issue Feb 19, 2016 · 3 comments

Comments

@polo2244
Copy link

Hello,

I've been creating and saving an object in Cloud.
The User logged in on iOS and is in the ADMIN_ROLE.
Parse-Server v2.1.1 is running locally with mongo db.
The Cloud Code :

        ... var roleACL = new Parse.ACL();
        roleACL.setPublicReadAccess(false);
        roleACL.setPublicWriteAccess(false);

        // Read & Write by Admins
        roleACL.setRoleWriteAccess('ADMIN_ROLE', true);
        roleACL.setRoleReadAccess('ADMIN_ROLE', true);
        object.setACL(roleACL);

        return object.save();  //## Here the object saves successfully
        }).then(function(object) {
        //Do some modifications
        return object.save(); //##  the object fails to save using save()
        return object.save({},{useMasterKey: true}); //##  the object saves successfully
        return object.save({},{sessionToken: request.user.getSessionToken()});//##  the object fails to save
        ...

Shouldn't the save(); without master key be enough in this situation to modify the object since the User is in the Read/Write Role assigned ? or should the master key be always passed ?

this is the Object in the mongo db
{ "_id": "NZ3NGhdbBV", "_rperm": [ "role:ADMIN_ROLE", ], "_wperm": [ "role:ADMIN_ROLE", ], ...

@polo2244
Copy link
Author

Also i tried the following:

        var currentUser = request.user;
        var roleACL = new Parse.ACL();
        roleACL.setPublicReadAccess(false);
        roleACL.setPublicWriteAccess(false);

        // Read & Write by The User
        roleACL.setWriteAccess(currentUser, true);
        roleACL.setReadAccess(currentUser, true);

        object.setACL(roleACL);

        return object.save();  //## Here the object saves successfully
        }).then(function(object) {
        //Do some modifications
        return object.save(); //##  the object fails to save using save()
        return object.save({},{useMasterKey: true}); //##  the object saves successfully
        return object.save({},{sessionToken: request.user.getSessionToken()});//##  the object saves successfully

@gfosco
Copy link
Contributor

gfosco commented Feb 19, 2016

Please try with 2.1.2 which includes #374.

That said, you would need to pass the sessionToken or useMasterKey, since the 'current user' does not exist in node and would not be sent along with the request.

@polo2244
Copy link
Author

My mistake, i was not aware of 2.1.2
I updated to 2.1.2 and the problem was solved using your suggestion.
Thank you.

@gfosco gfosco closed this as completed Feb 19, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gfosco @polo2244