(perms: ClassLevelPermissions, fields: SchemaFields, userIdRegExp: RegExp)
| 269 | |
| 270 | // validation before setting class-level permissions on collection |
| 271 | function validateCLP(perms: ClassLevelPermissions, fields: SchemaFields, userIdRegExp: RegExp) { |
| 272 | if (!perms) { |
| 273 | return; |
| 274 | } |
| 275 | for (const operationKey in perms) { |
| 276 | if (CLPValidKeys.indexOf(operationKey) == -1) { |
| 277 | throw new Parse.Error( |
| 278 | Parse.Error.INVALID_JSON, |
| 279 | `${operationKey} is not a valid operation for class level permissions` |
| 280 | ); |
| 281 | } |
| 282 | |
| 283 | const operation = perms[operationKey]; |
| 284 | // proceed with next operationKey |
| 285 | |
| 286 | // throws when root fields are of wrong type |
| 287 | validateCLPjson(operation, operationKey); |
| 288 | |
| 289 | if (operationKey === 'readUserFields' || operationKey === 'writeUserFields') { |
| 290 | // validate grouped pointer permissions |
| 291 | // must be an array with field names |
| 292 | for (const fieldName of operation) { |
| 293 | validatePointerPermission(fieldName, fields, operationKey); |
| 294 | } |
| 295 | // readUserFields and writerUserFields do not have nesdted fields |
| 296 | // proceed with next operationKey |
| 297 | continue; |
| 298 | } |
| 299 | |
| 300 | // validate protected fields |
| 301 | if (operationKey === 'protectedFields') { |
| 302 | for (const entity in operation) { |
| 303 | // throws on unexpected key |
| 304 | validateProtectedFieldsKey(entity, userIdRegExp); |
| 305 | |
| 306 | const protectedFields = operation[entity]; |
| 307 | |
| 308 | if (!Array.isArray(protectedFields)) { |
| 309 | throw new Parse.Error( |
| 310 | Parse.Error.INVALID_JSON, |
| 311 | `'${protectedFields}' is not a valid value for protectedFields[${entity}] - expected an array.` |
| 312 | ); |
| 313 | } |
| 314 | |
| 315 | // if the field is in form of array |
| 316 | for (const field of protectedFields) { |
| 317 | // do not alloow to protect default fields |
| 318 | if (defaultColumns._Default[field]) { |
| 319 | throw new Parse.Error( |
| 320 | Parse.Error.INVALID_JSON, |
| 321 | `Default field '${field}' can not be protected` |
| 322 | ); |
| 323 | } |
| 324 | // field should exist on collection |
| 325 | if (!Object.prototype.hasOwnProperty.call(fields, field)) { |
| 326 | throw new Parse.Error( |
| 327 | Parse.Error.INVALID_JSON, |
| 328 | `Field '${field}' in protectedFields:${entity} does not exist` |
no test coverage detected
searching dependent graphs…