如何在 Parse-Server 中实现 `protectedFields`?

How to implement `protectedFields` in Parse-Server?

我相信这是 Parse-Server 中的一项新功能。

默认情况下,User class 的 email 字段被视为受保护字段,这意味着 email 设置为 read: false, write: false public 默认。但是,User class 中的每个其他字段都设置为 read: true, write: false

在Github中看到了这个例子:

export type ClassLevelPermissions = {
find?: { [string]: boolean },
count?: { [string]: boolean },
get?: { [string]: boolean },
create?: { [string]: boolean },
update?: { [string]: boolean },
delete?: { [string]: boolean },
addField?: { [string]: boolean },
readUserFields?: string[],
writeUserFields?: string[],

// new feature
protectedFields?: { [string]: boolean }
};

For example, with the _User class, if the server was initialized with userSensitiveFields: ['email', 'sin', 'phone'], this would be the equivalent of:

{
// CLP for the class ... other 
protectedFields: { "*": ["email", "sin"] }
};

Now if you wanted an moderator role to be able to see the user's email but not the sin and an admin which can read it all

{
 protectedFields: { 
   "*": ["email", "sin"],
   "role:moderator": ["sin"],
   "role:admin": []
 }
};

看到这个例子后,我仍然很困惑具体在哪里实现protectedFields。我是否在我的应用程序的 index.jsmain.js 等中实现它?有人可以给我一个例子,说明如何设置一个字段:phoneNum 使 protectedField 类似于 email 的默认值吗?

这是解析服务器初始化中的一个选项。请在此处查看 protectedField 选项: http://parseplatform.org/parse-server/api/master/ParseServerOptions.html

我不完全知道 where/how 你是 运行 你的 Parse 服务器,但它应该是这样的:

var express = require('express');
var ParseServer = require('parse-server').ParseServer;
var app = express();

var api = new ParseServer({
  databaseURI: 'mongodb://localhost:27017/dev',
  cloud: '/home/myApp/cloud/main.js',
  appId: 'myAppId',
  masterKey: 'myMasterKey',
  fileKey: 'optionalFileKey',
  serverURL: 'http://localhost:1337/parse'
  protectedFields: {
    _User: {
      "*": ["email", "sin"],
      "role:moderator": ["sin"],
      "role:admin": []
    }
  }
});

app.use('/parse', api);

app.listen(1337, function() {
  console.log('parse-server-example running on port 1337.');
});