beforeEach(async () => { Config.get(Parse.applicationId).database.schemaCache.clear(); user1 = await Parse.User.signUp('user1', 'password'); user2 = await Parse.User.signUp('user2', 'password'); await Parse.User.logOut(); });
function createUser() { const config = Config.get(Parse.applicationId); const user = { objectId: '1234567890', username: 'hello', password: 'pass', _session_token: sessionToken, }; return config.database.create('_User', user); }
it('test cloud function should echo keys', function(done) { Parse.Cloud.define('echoKeys', function() { return { applicationId: Parse.applicationId, masterKey: Parse.masterKey, javascriptKey: Parse.javascriptKey, }; }); Parse.Cloud.run('echoKeys').then(result => { expect(result.applicationId).toEqual(Parse.applicationId); expect(result.masterKey).toEqual(Parse.masterKey); expect(result.javascriptKey).toEqual(Parse.javascriptKey); done(); }); });
async function initialize() { await Config.get(Parse.applicationId).database.schemaCache.clear(); [user1, user2] = await Promise.all([ createUser('user1'), createUser('user2'), ]); obj1 = new Parse.Object(className); obj2 = new Parse.Object(className); obj1.set('owner', user1); obj1.set('testers', [user1, user2]); obj1.set('test', 'test'); obj2.set('owner', user2); obj2.set('testers', [user1]); obj2.set('test', 'test'); await Parse.Object.saveAll([obj1, obj2], { useMasterKey: true, }); }
it('should deny access to public using single user pointer-permissions', async done => { const config = Config.get(Parse.applicationId); const obj = new Parse.Object('AnObject'); obj.set('owner', user1); obj.set('test', 'test'); await obj.save(); const schema = await config.database.loadSchema(); await schema.updateClass( 'AnObject', {}, { get: { '*': true }, find: { '*': true }, protectedFields: { '*': ['owner'], 'userField:owner': [] }, } ); const objectAgain = await obj.fetch(); expect(objectAgain.get('owner')).toBe(undefined); expect(objectAgain.get('test')).toBe('test'); done(); });
it('should run with master key basic auth', done => { expect(() => { Parse.Cloud.job('myJob', (req, res) => { expect(req.functionName).toBeUndefined(); expect(req.jobName).toBe('myJob'); expect(typeof req.jobId).toBe('string'); expect(typeof req.message).toBe('function'); expect(typeof res).toBe('undefined'); done(); }); }).not.toThrow(); request({ method: 'POST', url: `http://${Parse.applicationId}:${Parse.masterKey}@localhost:8378/1/jobs/myJob`, }).then( () => {}, err => { fail(err); done(); } ); });
it('should handle empty where', done => { Parse.Cloud.beforeFind('MyObject', req => { const otherQuery = new Parse.Query('MyObject'); otherQuery.equalTo('some', true); return Parse.Query.or(req.query, otherQuery); }); request({ url: 'http://localhost:8378/1/classes/MyObject', headers: { 'X-Parse-Application-Id': Parse.applicationId, 'X-Parse-REST-API-Key': 'rest', }, }).then( () => { done(); }, err => { fail(err); done(); } ); });
/** * Clear cache, create user and object, login user and setup rest headers with token */ async function initialize() { await Config.get(Parse.applicationId).database.schemaCache.clear(); user1 = await createUser('user1'); user1 = await logIn(user1); // await user1.fetch(); obj = new Parse.Object(className); obj.set('owner', user1); obj.set('field', 'field'); obj.set('test', 'test'); await Parse.Object.saveAll([obj], { useMasterKey: true }); headers = { 'X-Parse-Application-Id': Parse.applicationId, 'X-Parse-Rest-API-Key': 'rest', 'Content-Type': 'application/json', 'X-Parse-Session-Token': user1.getSessionToken(), }; }
it('should not upgrade bad legacy session token', done => { request({ method: 'POST', url: Parse.serverURL + '/upgradeToRevocableSession', headers: { 'X-Parse-Application-Id': Parse.applicationId, 'X-Parse-Rest-API-Key': 'rest', 'X-Parse-Session-Token': 'badSessionToken', }, }) .then( () => { fail('should not be able to upgrade a bad token'); }, response => { expect(response.status).toBe(400); expect(response.data).not.toBeUndefined(); expect(response.data.code).toBe(Parse.Error.INVALID_SESSION_TOKEN); expect(response.data.error).toEqual('invalid legacy session token'); } ) .then(() => { done(); }); });
it('should define a job', done => { expect(() => { Parse.Cloud.job('myJob', () => {}); }).not.toThrow(); request({ method: 'POST', url: 'http://localhost:8378/1/jobs/myJob', headers: { 'X-Parse-Application-Id': Parse.applicationId, 'X-Parse-Master-Key': Parse.masterKey, }, }).then( () => { done(); }, err => { fail(err); done(); } ); });
async function initialize() { await Config.get(Parse.applicationId).database.schemaCache.clear(); await Parse.User.logOut(); [user1, user2] = await Promise.all([ createUser('user1'), createUser('user2'), ]); obj1 = new Parse.Object(className); obj2 = new Parse.Object(className); obj1.set('owner', user1); obj1.set('testers', [user1, user2]); obj1.set('test', 'test'); obj2.set('owner', user2); obj2.set('testers', [user1]); obj2.set('test', 'test'); await Parse.Object.saveAll([obj1, obj2], { useMasterKey: true, }); }
it('should deny access to other users using single user pointer-permissions', async done => { const config = Config.get(Parse.applicationId); const obj = new Parse.Object('AnObject'); obj.set('owner', user1); obj.set('test', 'test'); await obj.save(); const schema = await config.database.loadSchema(); await schema.updateClass( 'AnObject', {}, { get: { '*': true }, find: { '*': true }, protectedFields: { '*': ['owner'], 'userField:owner': [] }, } ); await Parse.User.logIn('user2', 'password'); const objectAgain = await obj.fetch(); expect(objectAgain.get('owner')).toBe(undefined); expect(objectAgain.get('test')).toBe('test'); done(); });
it('should allow access using single user pointer-permissions', async done => { const config = Config.get(Parse.applicationId); const obj = new Parse.Object('AnObject'); obj.set('owner', user1); obj.set('test', 'test'); await obj.save(); const schema = await config.database.loadSchema(); await schema.updateClass( 'AnObject', {}, { get: { '*': true }, find: { '*': true }, protectedFields: { '*': ['owner'], 'userField:owner': [] }, } ); await Parse.User.logIn('user1', 'password'); const objectAgain = await obj.fetch(); expect(objectAgain.get('owner').id).toBe(user1.id); expect(objectAgain.get('test')).toBe('test'); done(); });
it('should deny access to other users using user array pointer-permissions', async done => { const config = Config.get(Parse.applicationId); const obj = new Parse.Object('AnObject'); obj.set('owners', [user1]); obj.set('test', 'test'); await obj.save(); const schema = await config.database.loadSchema(); await schema.updateClass( 'AnObject', {}, { get: { '*': true }, find: { '*': true }, protectedFields: { '*': ['owners'], 'userField:owners': [] }, } ); await Parse.User.logIn('user2', 'password'); const objectAgain = await obj.fetch(); expect(objectAgain.get('owners')).toBe(undefined); expect(objectAgain.get('test')).toBe('test'); done(); });
it('should deny access to public using user array pointer-permissions', async done => { const config = Config.get(Parse.applicationId); const obj = new Parse.Object('AnObject'); obj.set('owners', [user1, user2]); obj.set('test', 'test'); await obj.save(); const schema = await config.database.loadSchema(); await schema.updateClass( 'AnObject', {}, { get: { '*': true }, find: { '*': true }, protectedFields: { '*': ['owners'], 'userField:owners': [] }, } ); const objectAgain = await obj.fetch(); expect(objectAgain.get('owners')).toBe(undefined); expect(objectAgain.get('test')).toBe('test'); done(); });