Эхлэл Бүгдийг харах Тусламж
Бүртгүүлэх Нэвтрэх
chengnan
/
s202226701001
1
0
Салаа 0
Файлууд Асуудлууд 0 Хуулах хүсэлтүүд 0 Мэдлэгийн сан
Салаа: master
Салаанууд Тагууд
s202226701001
/
sever-test
/
node_modules
/
parse-server
/
lib
/
SharedRest.js

SharedRest.js 4.7 KB
Байнгын холболт Түүх Анхны өгөгдөл

12345678910111213141516171819202122232425262728 
  1. "use strict";
    2. 

  2. 

  3. const classesWithMasterOnlyAccess = ['_JobStatus', '_PushStatus', '_Hooks', '_GlobalConfig', '_JobSchedule', '_Idempotency'];
    4. 

  4. // Disallowing access to the _Role collection except by master key
    5. 

  5. function enforceRoleSecurity(method, className, auth) {
    6. 

  6.   if (className === '_Installation' && !auth.isMaster && !auth.isMaintenance) {
    7. 

  7.     if (method === 'delete' || method === 'find') {
    8. 

  8.       const error = `Clients aren't allowed to perform the ${method} operation on the installation collection.`;
    9. 

  9.       throw new Parse.Error(Parse.Error.OPERATION_FORBIDDEN, error);
    10. 

  10.     }
    11. 

  11.   }
    12. 

  12. 

  13.   //all volatileClasses are masterKey only
    14. 

  14.   if (classesWithMasterOnlyAccess.indexOf(className) >= 0 && !auth.isMaster && !auth.isMaintenance) {
    15. 

  15.     const error = `Clients aren't allowed to perform the ${method} operation on the ${className} collection.`;
    16. 

  16.     throw new Parse.Error(Parse.Error.OPERATION_FORBIDDEN, error);
    17. 

  17.   }
    18. 

  18. 

  19.   // readOnly masterKey is not allowed
    20. 

  20.   if (auth.isReadOnly && (method === 'delete' || method === 'create' || method === 'update')) {
    21. 

  21.     const error = `read-only masterKey isn't allowed to perform the ${method} operation.`;
    22. 

  22.     throw new Parse.Error(Parse.Error.OPERATION_FORBIDDEN, error);
    23. 

  23.   }
    24. 

  24. }
    25. 

  25. module.exports = {
    26. 

  26.   enforceRoleSecurity
    27. 

  27. };
    28. 

  28. //# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjozLCJuYW1lcyI6WyJjbGFzc2VzV2l0aE1hc3Rlck9ubHlBY2Nlc3MiLCJlbmZvcmNlUm9sZVNlY3VyaXR5IiwibWV0aG9kIiwiY2xhc3NOYW1lIiwiYXV0aCIsImlzTWFzdGVyIiwiaXNNYWludGVuYW5jZSIsImVycm9yIiwiUGFyc2UiLCJFcnJvciIsIk9QRVJBVElPTl9GT1JCSURERU4iLCJpbmRleE9mIiwiaXNSZWFkT25seSIsIm1vZHVsZSIsImV4cG9ydHMiXSwic291cmNlcyI6WyIuLi9zcmMvU2hhcmVkUmVzdC5qcyJdLCJzb3VyY2VzQ29udGVudCI6WyJjb25zdCBjbGFzc2VzV2l0aE1hc3Rlck9ubHlBY2Nlc3MgPSBbXG4gICdfSm9iU3RhdHVzJyxcbiAgJ19QdXNoU3RhdHVzJyxcbiAgJ19Ib29rcycsXG4gICdfR2xvYmFsQ29uZmlnJyxcbiAgJ19Kb2JTY2hlZHVsZScsXG4gICdfSWRlbXBvdGVuY3knLFxuXTtcbi8vIERpc2FsbG93aW5nIGFjY2VzcyB0byB0aGUgX1JvbGUgY29sbGVjdGlvbiBleGNlcHQgYnkgbWFzdGVyIGtleVxuZnVuY3Rpb24gZW5mb3JjZVJvbGVTZWN1cml0eShtZXRob2QsIGNsYXNzTmFtZSwgYXV0aCkge1xuICBpZiAoY2xhc3NOYW1lID09PSAnX0luc3RhbGxhdGlvbicgJiYgIWF1dGguaXNNYXN0ZXIgJiYgIWF1dGguaXNNYWludGVuYW5jZSkge1xuICAgIGlmIChtZXRob2QgPT09ICdkZWxldGUnIHx8IG1ldGhvZCA9PT0gJ2ZpbmQnKSB7XG4gICAgICBjb25zdCBlcnJvciA9IGBDbGllbnRzIGFyZW4ndCBhbGxvd2VkIHRvIHBlcmZvcm0gdGhlICR7bWV0aG9kfSBvcGVyYXRpb24gb24gdGhlIGluc3RhbGxhdGlvbiBjb2xsZWN0aW9uLmA7XG4gICAgICB0aHJvdyBuZXcgUGFyc2UuRXJyb3IoUGFyc2UuRXJyb3IuT1BFUkFUSU9OX0ZPUkJJRERFTiwgZXJyb3IpO1xuICAgIH1cbiAgfVxuXG4gIC8vYWxsIHZvbGF0aWxlQ2xhc3NlcyBhcmUgbWFzdGVyS2V5IG9ubHlcbiAgaWYgKFxuICAgIGNsYXNzZXNXaXRoTWFzdGVyT25seUFjY2Vzcy5pbmRleE9mKGNsYXNzTmFtZSkgPj0gMCAmJlxuICAgICFhdXRoLmlzTWFzdGVyICYmXG4gICAgIWF1dGguaXNNYWludGVuYW5jZVxuICApIHtcbiAgICBjb25zdCBlcnJvciA9IGBDbGllbnRzIGFyZW4ndCBhbGxvd2VkIHRvIHBlcmZvcm0gdGhlICR7bWV0aG9kfSBvcGVyYXRpb24gb24gdGhlICR7Y2xhc3NOYW1lfSBjb2xsZWN0aW9uLmA7XG4gICAgdGhyb3cgbmV3IFBhcnNlLkVycm9yKFBhcnNlLkVycm9yLk9QRVJBVElPTl9GT1JCSURERU4sIGVycm9yKTtcbiAgfVxuXG4gIC8vIHJlYWRPbmx5IG1hc3RlcktleSBpcyBub3QgYWxsb3dlZFxuICBpZiAoYXV0aC5pc1JlYWRPbmx5ICYmIChtZXRob2QgPT09ICdkZWxldGUnIHx8IG1ldGhvZCA9PT0gJ2NyZWF0ZScgfHwgbWV0aG9kID09PSAndXBkYXRlJykpIHtcbiAgICBjb25zdCBlcnJvciA9IGByZWFkLW9ubHkgbWFzdGVyS2V5IGlzbid0IGFsbG93ZWQgdG8gcGVyZm9ybSB0aGUgJHttZXRob2R9IG9wZXJhdGlvbi5gO1xuICAgIHRocm93IG5ldyBQYXJzZS5FcnJvcihQYXJzZS5FcnJvci5PUEVSQVRJT05fRk9SQklEREVOLCBlcnJvcik7XG4gIH1cbn1cblxubW9kdWxlLmV4cG9ydHMgPSB7XG4gIGVuZm9yY2VSb2xlU2VjdXJpdHksXG59O1xuIl0sIm1hcHBpbmdzIjoiOztBQUFBLE1BQU1BLDJCQUEyQixHQUFHLENBQ2xDLFlBQVksRUFDWixhQUFhLEVBQ2IsUUFBUSxFQUNSLGVBQWUsRUFDZixjQUFjLEVBQ2QsY0FBYyxDQUNmO0FBQ0Q7QUFDQSxTQUFTQyxtQkFBbUJBLENBQUNDLE1BQU0sRUFBRUMsU0FBUyxFQUFFQyxJQUFJLEVBQUU7RUFDcEQsSUFBSUQsU0FBUyxLQUFLLGVBQWUsSUFBSSxDQUFDQyxJQUFJLENBQUNDLFFBQVEsSUFBSSxDQUFDRCxJQUFJLENBQUNFLGFBQWEsRUFBRTtJQUMxRSxJQUFJSixNQUFNLEtBQUssUUFBUSxJQUFJQSxNQUFNLEtBQUssTUFBTSxFQUFFO01BQzVDLE1BQU1LLEtBQUssR0FBRyx5Q0FBeUNMLE1BQU0sNENBQTRDO01BQ3pHLE1BQU0sSUFBSU0sS0FBSyxDQUFDQyxLQUFLLENBQUNELEtBQUssQ0FBQ0MsS0FBSyxDQUFDQyxtQkFBbUIsRUFBRUgsS0FBSyxDQUFDO0lBQy9EO0VBQ0Y7O0VBRUE7RUFDQSxJQUNFUCwyQkFBMkIsQ0FBQ1csT0FBTyxDQUFDUixTQUFTLENBQUMsSUFBSSxDQUFDLElBQ25ELENBQUNDLElBQUksQ0FBQ0MsUUFBUSxJQUNkLENBQUNELElBQUksQ0FBQ0UsYUFBYSxFQUNuQjtJQUNBLE1BQU1DLEtBQUssR0FBRyx5Q0FBeUNMLE1BQU0scUJBQXFCQyxTQUFTLGNBQWM7SUFDekcsTUFBTSxJQUFJSyxLQUFLLENBQUNDLEtBQUssQ0FBQ0QsS0FBSyxDQUFDQyxLQUFLLENBQUNDLG1CQUFtQixFQUFFSCxLQUFLLENBQUM7RUFDL0Q7O0VBRUE7RUFDQSxJQUFJSCxJQUFJLENBQUNRLFVBQVUsS0FBS1YsTUFBTSxLQUFLLFFBQVEsSUFBSUEsTUFBTSxLQUFLLFFBQVEsSUFBSUEsTUFBTSxLQUFLLFFBQVEsQ0FBQyxFQUFFO0lBQzFGLE1BQU1LLEtBQUssR0FBRyxvREFBb0RMLE1BQU0sYUFBYTtJQUNyRixNQUFNLElBQUlNLEtBQUssQ0FBQ0MsS0FBSyxDQUFDRCxLQUFLLENBQUNDLEtBQUssQ0FBQ0MsbUJBQW1CLEVBQUVILEtBQUssQ0FBQztFQUMvRDtBQUNGO0FBRUFNLE1BQU0sQ0FBQ0MsT0FBTyxHQUFHO0VBQ2ZiO0FBQ0YsQ0FBQyIsImlnbm9yZUxpc3QiOltdfQ==
    29.