Hello,
I've been creating and saving an object in Cloud.
The User logged in on iOS and is in the ADMIN_ROLE.
Parse-Server v2.1.1 is running locally with mongo db.
The Cloud Code :
... var roleACL = new Parse.ACL();
roleACL.setPublicReadAccess(false);
roleACL.setPublicWriteAccess(false);
// Read & Write by Admins
roleACL.setRoleWriteAccess('ADMIN_ROLE', true);
roleACL.setRoleReadAccess('ADMIN_ROLE', true);
object.setACL(roleACL);
return object.save(); //## Here the object saves successfully
}).then(function(object) {
//Do some modifications
return object.save(); //## the object fails to save using save()
return object.save({},{useMasterKey: true}); //## the object saves successfully
return object.save({},{sessionToken: request.user.getSessionToken()});//## the object fails to save
...
Shouldn't the save(); without master key be enough in this situation to modify the object since the User is in the Read/Write Role assigned ? or should the master key be always passed ?
this is the Object in the mongo db
{ "_id": "NZ3NGhdbBV", "_rperm": [ "role:ADMIN_ROLE", ], "_wperm": [ "role:ADMIN_ROLE", ], ...
Hello,
I've been creating and saving an object in Cloud.
The User logged in on iOS and is in the ADMIN_ROLE.
Parse-Server v2.1.1 is running locally with mongo db.
The Cloud Code :
Shouldn't the save(); without master key be enough in this situation to modify the object since the User is in the Read/Write Role assigned ? or should the master key be always passed ?
this is the Object in the mongo db
{ "_id": "NZ3NGhdbBV", "_rperm": [ "role:ADMIN_ROLE", ], "_wperm": [ "role:ADMIN_ROLE", ], ...