Skip to content

Commit 00f2fd9

Browse files
dblythydblythy
committed
create requireUserRoles
1 parent e8112c5 commit 00f2fd9

File tree

2 files changed

+46
-5
lines changed

2 files changed

+46
-5
lines changed

spec/CloudCode.Validator.spec.js

Lines changed: 32 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -860,15 +860,15 @@ describe('cloud validator', () => {
860860
});
861861
});
862862

863-
it('basic validator requireUserRoles', async function (done) {
863+
it('basic validator requireUserRole', async function (done) {
864864
Parse.Cloud.define(
865865
'cloudFunction',
866866
() => {
867867
return true;
868868
},
869869
{
870870
requireUser: true,
871-
requireUserRoles: ['Admin'],
871+
requireUserRole: ['Admin'],
872872
}
873873
);
874874
const user = await Parse.User.signUp('testuser', 'p@ssword');
@@ -887,6 +887,36 @@ describe('cloud validator', () => {
887887
done();
888888
});
889889

890+
it('basic validator requireUserRoles', async function (done) {
891+
Parse.Cloud.define(
892+
'cloudFunction',
893+
() => {
894+
return true;
895+
},
896+
{
897+
requireUser: true,
898+
requireUserRoles: ['Admin', 'Admin2'],
899+
}
900+
);
901+
const user = await Parse.User.signUp('testuser', 'p@ssword');
902+
try {
903+
await Parse.Cloud.run('cloudFunction');
904+
fail('cloud validator should have failed.');
905+
} catch (e) {
906+
expect(e.message).toBe('Validation failed. User does not match all the required roles.');
907+
}
908+
const roleACL = new Parse.ACL();
909+
roleACL.setPublicReadAccess(true);
910+
const role = new Parse.Role('Admin', roleACL);
911+
role.getUsers().add(user);
912+
913+
const role2 = new Parse.Role('Admin2', roleACL);
914+
role2.getUsers().add(user);
915+
await Promise.all([role.save({ useMasterKey: true }), role2.save({ useMasterKey: true })]);
916+
await Parse.Cloud.run('cloudFunction');
917+
done();
918+
});
919+
890920
it('basic requireUserRoles but no user', async function (done) {
891921
Parse.Cloud.define(
892922
'cloudFunction',

src/triggers.js

Lines changed: 14 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -641,7 +641,7 @@ async function builtInTriggerValidator(options, request, auth) {
641641
) {
642642
reqUser = request.object;
643643
}
644-
if ((options.requireUser || options.requireUserRoles) && !reqUser) {
644+
if ((options.requireUser || options.requireUserRole || options.requireUserRoles) && !reqUser) {
645645
throw 'Validation failed. Please login to continue.';
646646
}
647647
if (options.requireMaster && !request.master) {
@@ -733,14 +733,25 @@ async function builtInTriggerValidator(options, request, auth) {
733733
}
734734
}
735735
}
736-
const userRoles = options.requireUserRoles;
736+
const userRoles = options.requireUserRole;
737+
const requireAllRoles = options.requireUserRoles;
738+
let roles;
739+
if (userRoles || requireAllRoles) {
740+
roles = await auth.getUserRoles();
741+
}
737742
if (userRoles) {
738-
const roles = await auth.getUserRoles();
739743
const hasRole = userRoles.some(requiredRole => roles.includes(`role:${requiredRole}`));
740744
if (!hasRole) {
741745
throw `Validation failed. User does not match the required roles.`;
742746
}
743747
}
748+
if (requireAllRoles) {
749+
for (const requiredRole of requireAllRoles) {
750+
if (!roles.includes(`role:${requiredRole}`)) {
751+
throw `Validation failed. User does not match all the required roles.`;
752+
}
753+
}
754+
}
744755
const userKeys = options.requireUserKeys || [];
745756
if (Array.isArray(userKeys)) {
746757
for (const key of userKeys) {

0 commit comments

Comments
 (0)