0

implicitly meaning considering the Roles the user is in, get me the write access for this user on this object, and my approaches are inefficient, I think:

  1. Cloud code function for querying the user's roles then checking whether the user or his roles have right access to the object.
  Parse.Cloud.define("hasWriteAccess", function(request, response){
    var query = new Parse.Query(Parse.Role);
    query.equalTo("users", request.user);
    query.find().then(function(roles){
      var hasWriteAccess = false;
      for (var i = 0; i < roles.length; i++) {
        if (request.params.parseObject.getACL().getRoleWriteAccess(roles[i])) {
          hasWriteAccess = true;
          break;
        }
      }
      response.success(hasWriteAccess);
    });
  });

  1. Android user's roles query and locally checking write access

    public static Task<Boolean> hasWriteAccess(final ParseObject parseObject) {
    final TaskCompletionSource<Boolean> voidTaskCompletionSource = new TaskCompletionSource<>();
    ParseRole.getQuery().whereEqualTo("users", ParseUser.getCurrentUser()).findInBackground().continueWith(new Continuation<List<ParseRole>, Object>() {
        @Override
        public Object then(Task<List<ParseRole>> task) throws Exception {
            if (task.getError() == null) {
                List<ParseRole> parseRoles = task.getResult();
                boolean hasWriteAccess = false;
                for (ParseRole parseRole : parseRoles) {
                    if (parseObject.getACL().getRoleWriteAccess(parseRole)) {
                        hasWriteAccess = true;
                        break;
                    }
                }
                voidTaskCompletionSource.trySetResult(hasWriteAccess);
            } else {
                voidTaskCompletionSource.trySetError(task.getError());
            }
            return null;
        }
    });
    return voidTaskCompletionSource.getTask();
}

    from Parse Documentation

    • Get whether the given user id is explicitly allowed to write this object. Even if this
    • returns {@code false}, the user may still be able to write it if getPublicWriteAccess returns
    • {@code true} or a role that the user belongs to has write access. */

I can't use these methods on my main posts activity because they are slow network requests, and waiting for the request to finish before querying for the posts results in bad user experience.

This solution won't work because the query won't return the nested roles roles relation, So any suggestions?

Abubakr Hago
  • 51
  • 9
  • In your cloud code, I bet `request.object.ParseObject...` is not what you expect it to be. Maybe you meant `request.params.object`, assuming you're passing in a ParseObject to a param called `object` to your cloud function. – Jake T. Mar 26 '18 at 17:06
  • ooh, sorry this is just a typo here... but my question is about the way I'm getting the ACL, it won't work if roles are nested, what's the solution then?... I think my question is a little unclear – Abubakr Hago Mar 31 '18 at 07:55

0 Answers0