Skip to content

Commit ba73e74

Browse files
flovilmartflovilmart
committed
Adds support for static validation
1 parent dd55bbe commit ba73e74

File tree

1 file changed

+16
-13
lines changed

1 file changed

+16
-13
lines changed

src/Controllers/SchemaController.js

Lines changed: 16 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -832,12 +832,14 @@ export default class SchemaController {
832832

833833
// Validates the base CLP for an operation
834834
testBaseCLP(className, aclGroup, operation) {
835-
if (!this.perms[className] || !this.perms[className][operation]) {
835+
return SchemaController.testBaseCLP(this.perms[className], aclGroup, operation);
836+
}
837+
838+
static testBaseCLP(classPermissions, aclGroup, operation) {
839+
if (!classPermissions || !classPermissions[operation]) {
836840
return true;
837841
}
838-
const classPerms = this.perms[className];
839-
const perms = classPerms[operation];
840-
// Handle the public scenario quickly
842+
const perms = classPermissions[operation];
841843
if (perms['*']) {
842844
return true;
843845
}
@@ -848,19 +850,15 @@ export default class SchemaController {
848850
return false;
849851
}
850852

851-
// Validates an operation passes class-level-permissions set in the schema
852-
validatePermission(className, aclGroup, operation) {
853-
854-
if (this.testBaseCLP(className, aclGroup, operation)) {
853+
static validatePermission(classPermissions, className, aclGroup, operation) {
854+
if (SchemaController.testBaseCLP(classPermissions, aclGroup, operation)) {
855855
return Promise.resolve();
856856
}
857857

858-
if (!this.perms[className] || !this.perms[className][operation]) {
858+
if (!classPermissions || !classPermissions[operation]) {
859859
return true;
860860
}
861-
const classPerms = this.perms[className];
862-
const perms = classPerms[operation];
863-
861+
const perms = classPermissions[operation];
864862
// If only for authenticated users
865863
// make sure we have an aclGroup
866864
if (perms['requiresAuthentication']) {
@@ -888,13 +886,18 @@ export default class SchemaController {
888886
}
889887

890888
// Process the readUserFields later
891-
if (Array.isArray(classPerms[permissionField]) && classPerms[permissionField].length > 0) {
889+
if (Array.isArray(classPermissions[permissionField]) && classPermissions[permissionField].length > 0) {
892890
return Promise.resolve();
893891
}
894892
throw new Parse.Error(Parse.Error.OPERATION_FORBIDDEN,
895893
`Permission denied for action ${operation} on class ${className}.`);
896894
}
897895

896+
// Validates an operation passes class-level-permissions set in the schema
897+
validatePermission(className, aclGroup, operation) {
898+
return SchemaController.validatePermission(this.perms[className], className, aclGroup, operation);
899+
}
900+
898901
// Returns the expected type for a className+key combination
899902
// or undefined if the schema is not set
900903
getExpectedType(className, fieldName) {

0 commit comments

Comments
 (0)