如何在 Parse-Server 中实现 `protectedFields`?
How to implement `protectedFields` in Parse-Server?
我相信这是 Parse-Server 中的一项新功能。
默认情况下,User
class 的 email
字段被视为受保护字段,这意味着 email
设置为 read: false, write: false
public 默认。但是,User
class 中的每个其他字段都设置为 read: true, write: false
在Github中看到了这个例子:
export type ClassLevelPermissions = {
find?: { [string]: boolean },
count?: { [string]: boolean },
get?: { [string]: boolean },
create?: { [string]: boolean },
update?: { [string]: boolean },
delete?: { [string]: boolean },
addField?: { [string]: boolean },
readUserFields?: string[],
writeUserFields?: string[],
// new feature
protectedFields?: { [string]: boolean }
};
For example, with the _User class, if the server was initialized with userSensitiveFields: ['email', 'sin', 'phone'], this would be the equivalent of:
{
// CLP for the class ... other
protectedFields: { "*": ["email", "sin"] }
};
Now if you wanted an moderator role to be able to see the user's email but not the sin and an admin which can read it all
{
protectedFields: {
"*": ["email", "sin"],
"role:moderator": ["sin"],
"role:admin": []
}
};
看到这个例子后,我仍然很困惑具体在哪里实现protectedFields
。我是否在我的应用程序的 index.js
或 main.js
等中实现它?有人可以给我一个例子,说明如何设置一个字段:phoneNum
使 protectedField
类似于 email
的默认值吗?
这是解析服务器初始化中的一个选项。请在此处查看 protectedField 选项:
http://parseplatform.org/parse-server/api/master/ParseServerOptions.html
我不完全知道 where/how 你是 运行 你的 Parse 服务器,但它应该是这样的:
var express = require('express');
var ParseServer = require('parse-server').ParseServer;
var app = express();
var api = new ParseServer({
databaseURI: 'mongodb://localhost:27017/dev',
cloud: '/home/myApp/cloud/main.js',
appId: 'myAppId',
masterKey: 'myMasterKey',
fileKey: 'optionalFileKey',
serverURL: 'http://localhost:1337/parse'
protectedFields: {
_User: {
"*": ["email", "sin"],
"role:moderator": ["sin"],
"role:admin": []
}
}
});
app.use('/parse', api);
app.listen(1337, function() {
console.log('parse-server-example running on port 1337.');
});
我相信这是 Parse-Server 中的一项新功能。
默认情况下,User
class 的 email
字段被视为受保护字段,这意味着 email
设置为 read: false, write: false
public 默认。但是,User
class 中的每个其他字段都设置为 read: true, write: false
在Github中看到了这个例子:
export type ClassLevelPermissions = {
find?: { [string]: boolean },
count?: { [string]: boolean },
get?: { [string]: boolean },
create?: { [string]: boolean },
update?: { [string]: boolean },
delete?: { [string]: boolean },
addField?: { [string]: boolean },
readUserFields?: string[],
writeUserFields?: string[],
// new feature
protectedFields?: { [string]: boolean }
};
For example, with the _User class, if the server was initialized with userSensitiveFields: ['email', 'sin', 'phone'], this would be the equivalent of:
{
// CLP for the class ... other
protectedFields: { "*": ["email", "sin"] }
};
Now if you wanted an moderator role to be able to see the user's email but not the sin and an admin which can read it all
{
protectedFields: {
"*": ["email", "sin"],
"role:moderator": ["sin"],
"role:admin": []
}
};
看到这个例子后,我仍然很困惑具体在哪里实现protectedFields
。我是否在我的应用程序的 index.js
或 main.js
等中实现它?有人可以给我一个例子,说明如何设置一个字段:phoneNum
使 protectedField
类似于 email
的默认值吗?
这是解析服务器初始化中的一个选项。请在此处查看 protectedField 选项: http://parseplatform.org/parse-server/api/master/ParseServerOptions.html
我不完全知道 where/how 你是 运行 你的 Parse 服务器,但它应该是这样的:
var express = require('express');
var ParseServer = require('parse-server').ParseServer;
var app = express();
var api = new ParseServer({
databaseURI: 'mongodb://localhost:27017/dev',
cloud: '/home/myApp/cloud/main.js',
appId: 'myAppId',
masterKey: 'myMasterKey',
fileKey: 'optionalFileKey',
serverURL: 'http://localhost:1337/parse'
protectedFields: {
_User: {
"*": ["email", "sin"],
"role:moderator": ["sin"],
"role:admin": []
}
}
});
app.use('/parse', api);
app.listen(1337, function() {
console.log('parse-server-example running on port 1337.');
});