我相信这是 Parse-Server 中的一个新功能。
默认情况下,User
类的 email
字段被视为 protected 字段,这意味着 email
设置为 read: false ,默认向公众写入: false
。但是,User
类中的所有其他字段都设置为 read: true, write: false
在Github上,我看到了这个例子:
export type ClassLevelPermissions = {
find?: { [string]: boolean },
count?: { [string]: boolean },
get?: { [string]: boolean },
create?: { [string]: boolean },
update?: { [string]: boolean },
delete?: { [string]: boolean },
addField?: { [string]: boolean },
readUserFields?: string[],
writeUserFields?: string[],
// new feature
protectedFields?: { [string]: boolean }
};
For example, with the _User class, if the server was initialized with userSensitiveFields: ['email', 'sin', 'phone'], this would be the equivalent of:
{
// CLP for the class ... other
protectedFields: { "*": ["email", "sin"] }
};
Now if you wanted an moderator role to be able to see the user's email but not the sin and an admin which can read it all
{
protectedFields: {
"*": ["email", "sin"],
"role:moderator": ["sin"],
"role:admin": []
}
};
看到这个例子后,我仍然很困惑到底在哪里实现protectedFields
。我是否在应用程序的 index.js
或 main.js
等中实现它?有人可以给我一个示例,说明如何设置字段:phoneNum
以获得类似于email
默认值的protectedField
吗?
最佳答案
它是解析服务器初始化中的一个选项。请参阅此处的 protectedField 选项: http://parseplatform.org/parse-server/api/master/ParseServerOptions.html
我不知道你在哪里/如何运行 Parse 服务器,但它应该是这样的:
var express = require('express');
var ParseServer = require('parse-server').ParseServer;
var app = express();
var api = new ParseServer({
databaseURI: 'mongodb://localhost:27017/dev',
cloud: '/home/myApp/cloud/main.js',
appId: 'myAppId',
masterKey: 'myMasterKey',
fileKey: 'optionalFileKey',
serverURL: 'http://localhost:1337/parse'
protectedFields: {
_User: {
"*": ["email", "sin"],
"role:moderator": ["sin"],
"role:admin": []
}
}
});
app.use('/parse', api);
app.listen(1337, function() {
console.log('parse-server-example running on port 1337.');
});
关于parse-platform - 如何在Parse-Server中实现 `protectedFields`?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/56319533/