@openinc/parse-server-opendash 1.13.0 → 1.13.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/functions/getSchemaForAdmin.js +4 -1
  2. package/dist/hooks/Maintenance_Issuecategory.js +1 -1
  3. package/dist/hooks/Maintenance_Ticket_Kanban_State.js +1 -1
  4. package/dist/hooks/_User.js +7 -5
  5. package/dist/index.d.ts +26 -7
  6. package/dist/index.js +17 -10
  7. package/package.json +1 -1
package/dist/functions/getSchemaForAdmin.js CHANGED
@@ -4,7 +4,10 @@ exports.init = void 0;
4
4
  const __1 = require("..");
5
5
  async function init(name) {
6
6
  Parse.Cloud.define(name, async (request) => {
7
- await (0, __1.requirePermission)(request, "parse-admin", "You are not allowed to fetch the schema");
7
+ await (0, __1.requirePermission)({
8
+ sessionToken: request.user?.getSessionToken(),
9
+ master: request.master,
10
+ }, "parse-admin", "You are not allowed to fetch the schema");
8
11
  return await Parse.Schema.all();
9
12
  });
10
13
  }
package/dist/hooks/Maintenance_Issuecategory.js CHANGED
@@ -10,7 +10,7 @@ async function init() {
10
10
  await (0, __1.defaultAclHandler)(request, {
11
11
  allowTenantUserWrite: true,
12
12
  });
13
- (0, __1.requirePermission)(request, "maintenance:can-update-issuecategory", "Permission denied.");
13
+ await (0, __1.requirePermission)(request, "maintenance:can-update-issuecategory", "Permission denied.");
14
14
  // TODO
15
15
  });
16
16
  (0, __1.afterSaveHook)(types_1.Maintenance_Issuecategory, async (request) => {
package/dist/hooks/Maintenance_Ticket_Kanban_State.js CHANGED
@@ -10,7 +10,7 @@ async function init() {
10
10
  await (0, __1.defaultAclHandler)(request, {
11
11
  allowTenantUserWrite: true,
12
12
  });
13
- (0, __1.requirePermission)(request, "maintenance:can-update-kanbanstate", "Permission denied.");
13
+ await (0, __1.requirePermission)(request, "maintenance:can-update-kanbanstate", "Permission denied.");
14
14
  // TODO
15
15
  });
16
16
  (0, __1.afterSaveHook)(types_1.Maintenance_Ticket_Kanban_State, async (request) => {
package/dist/hooks/_User.js CHANGED
@@ -37,11 +37,13 @@ async function init() {
37
37
  request.context.tenantChanged = true;
38
38
  }
39
39
  // fetch user groups
40
- const groups = await new Parse.Query(types_1.Group)
41
- .equalTo("users", user)
42
- .equalTo("usersSeeEachOther", true)
43
- .limit(1000000)
44
- .find({ useMasterKey: true });
40
+ const groups = user.id
41
+ ? await new Parse.Query(types_1.Group)
42
+ .equalTo("users", user)
43
+ .equalTo("usersSeeEachOther", true)
44
+ .limit(1000000)
45
+ .find({ useMasterKey: true })
46
+ : [];
45
47
  user.setACL(new Parse.ACL({
46
48
  ...(tenantId && {
47
49
  [`role:od-tenant-user-${tenantId}`]: { read: true },
package/dist/index.d.ts CHANGED
@@ -7,7 +7,7 @@ export declare function init(cfg?: ConfigInterface): Promise<void>;
7
7
  export declare function hasPermission(sessionToken: string, key: string): Promise<boolean>;
8
8
  export declare function requirePermission(request: {
9
9
  master?: boolean;
10
- user?: Parse.User;
10
+ sessionToken: string | undefined;
11
11
  }, key: string | null, message: string): Promise<void>;
12
12
  export declare function getConfig(key: string): Promise<string | undefined>;
13
13
  export declare function getConfigBoolean(key: string): Promise<boolean>;
@@ -19,26 +19,45 @@ export declare function ensureRole(name: string, options?: {
19
19
  childRoles?: string[];
20
20
  }): Promise<void>;
21
21
  export declare function ensureUserRole(user: Parse.User, roleName: string, add?: boolean): Promise<void>;
22
- export declare function immutableField(request: Parse.Cloud.BeforeSaveRequest, fieldName: string, permissionName?: string | null): Promise<void>;
23
- export declare function defaultHandler(request: Parse.Cloud.BeforeSaveRequest): Promise<void>;
22
+ export declare function immutableField(request: {
23
+ original?: Parse.Object;
24
+ object: Parse.Object;
25
+ master?: boolean;
26
+ sessionToken: string | undefined;
27
+ }, fieldName: string, permissionName?: string | null): Promise<void>;
28
+ export declare function defaultHandler(request: {
29
+ original?: Parse.Object;
30
+ object: Parse.Object;
31
+ user?: Parse.User;
32
+ master?: boolean;
33
+ sessionToken: string | undefined;
34
+ }): Promise<void>;
24
35
  export declare function defaultAclHandler(request: Parse.Cloud.BeforeSaveRequest, options?: {
25
36
  allowCustomACL?: boolean;
26
37
  allowTenantUserWrite?: boolean;
27
38
  denyTenantUserRead?: boolean;
28
39
  }): Promise<void>;
29
- declare type beforeSaveHookType<T extends Parse.Object<Parse.Attributes>> = (request: ParseCloud.BeforeSaveRequest<T>) => Promise<void>;
40
+ declare type beforeSaveHookType<T extends Parse.Object<Parse.Attributes>> = (request: ParseCloud.BeforeSaveRequest<T> & {
41
+ sessionToken: string | undefined;
42
+ }) => Promise<void>;
30
43
  export declare function beforeSaveHook<T extends Parse.Object<Parse.Attributes>>(target: string | {
31
44
  new (): T;
32
45
  }, callback: beforeSaveHookType<T>): void;
33
- declare type afterSaveHookType<T extends Parse.Object<Parse.Attributes>> = (request: ParseCloud.AfterSaveRequest<T>) => Promise<void>;
46
+ declare type afterSaveHookType<T extends Parse.Object<Parse.Attributes>> = (request: ParseCloud.AfterSaveRequest<T> & {
47
+ sessionToken: string | undefined;
48
+ }) => Promise<void>;
34
49
  export declare function afterSaveHook<T extends Parse.Object<Parse.Attributes>>(target: string | {
35
50
  new (): T;
36
51
  }, callback: afterSaveHookType<T>): void;
37
- declare type beforeDeleteHookType<T extends Parse.Object<Parse.Attributes>> = (request: ParseCloud.BeforeDeleteRequest<T>) => Promise<void>;
52
+ declare type beforeDeleteHookType<T extends Parse.Object<Parse.Attributes>> = (request: ParseCloud.BeforeDeleteRequest<T> & {
53
+ sessionToken: string | undefined;
54
+ }) => Promise<void>;
38
55
  export declare function beforeDeleteHook<T extends Parse.Object<Parse.Attributes>>(target: string | {
39
56
  new (): T;
40
57
  }, callback: beforeDeleteHookType<T>): void;
41
- declare type afterDeleteHookType<T extends Parse.Object<Parse.Attributes>> = (request: ParseCloud.AfterDeleteRequest<T>) => Promise<void>;
58
+ declare type afterDeleteHookType<T extends Parse.Object<Parse.Attributes>> = (request: ParseCloud.AfterDeleteRequest<T> & {
59
+ sessionToken: string | undefined;
60
+ }) => Promise<void>;
42
61
  export declare function afterDeleteHook<T extends Parse.Object<Parse.Attributes>>(target: string | {
43
62
  new (): T;
44
63
  }, callback: afterDeleteHookType<T>): void;
package/dist/index.js CHANGED
@@ -76,15 +76,14 @@ async function requirePermission(request, key, message) {
76
76
  return;
77
77
  }
78
78
  if (!key) {
79
- throw new Parse.Error(119, "Missing Permission: " + (message || key || "Master Key Only"));
79
+ throw new Parse.Error(119, "Missing Permission (1): " + (message || key || "Master Key Only"));
80
80
  }
81
- const sessionToken = request.user?.getSessionToken();
82
- if (!sessionToken) {
83
- throw new Parse.Error(119, "Missing Permission: " + (message || key || "Master Key Only"));
81
+ if (!request.sessionToken) {
82
+ throw new Parse.Error(119, "Missing Permission (2): " + (message || key || "Master Key Only"));
84
83
  }
85
- const p = await hasPermission(sessionToken, key);
84
+ const p = await hasPermission(request.sessionToken, key);
86
85
  if (!p) {
87
- throw new Parse.Error(119, "Missing Permission: " + (message || key || "Master Key Only"));
86
+ throw new Parse.Error(119, "Missing Permission (3): " + (message || key || "Master Key Only"));
88
87
  }
89
88
  }
90
89
  exports.requirePermission = requirePermission;
@@ -273,8 +272,10 @@ function beforeSaveHook(target, callback) {
273
272
  if (!beforeSaveHooks[className]) {
274
273
  beforeSaveHooks[className] = [];
275
274
  Parse.Cloud.beforeSave(className, async function beforeSaveHookFunction(request) {
275
+ const sessionToken = request.user?.getSessionToken();
276
+ const newRequest = { ...request, sessionToken };
276
277
  for (const fn of beforeSaveHooks[className]) {
277
- await fn(request);
278
+ await fn(newRequest);
278
279
  }
279
280
  });
280
281
  }
@@ -288,8 +289,10 @@ function afterSaveHook(target, callback) {
288
289
  if (!afterSaveHooks[className]) {
289
290
  afterSaveHooks[className] = [];
290
291
  Parse.Cloud.afterSave(className, async function afterSaveHookFunction(request) {
292
+ const sessionToken = request.user?.getSessionToken();
293
+ const newRequest = { ...request, sessionToken };
291
294
  for (const fn of afterSaveHooks[className]) {
292
- await fn(request);
295
+ await fn(newRequest);
293
296
  }
294
297
  });
295
298
  }
@@ -303,8 +306,10 @@ function beforeDeleteHook(target, callback) {
303
306
  if (!beforeDeleteHooks[className]) {
304
307
  beforeDeleteHooks[className] = [];
305
308
  Parse.Cloud.beforeDelete(className, async function beforeDeleteHookFunction(request) {
309
+ const sessionToken = request.user?.getSessionToken();
310
+ const newRequest = { ...request, sessionToken };
306
311
  for (const fn of beforeDeleteHooks[className]) {
307
- await fn(request);
312
+ await fn(newRequest);
308
313
  }
309
314
  });
310
315
  }
@@ -318,8 +323,10 @@ function afterDeleteHook(target, callback) {
318
323
  if (!afterDeleteHooks[className]) {
319
324
  afterDeleteHooks[className] = [];
320
325
  Parse.Cloud.afterDelete(className, async function afterDeleteHookFunction(request) {
326
+ const sessionToken = request.user?.getSessionToken();
327
+ const newRequest = { ...request, sessionToken };
321
328
  for (const fn of afterDeleteHooks[className]) {
322
- await fn(request);
329
+ await fn(newRequest);
323
330
  }
324
331
  });
325
332
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@openinc/parse-server-opendash",
3
- "version": "1.13.0",
3
+ "version": "1.13.3",
4
4
  "description": "Parse Server Cloud Code for open.DASH",
5
5
  "keywords": [
6
6
  "parse",