Class: Parse::Constraint::ReadableByConstraint

Inherits:
Parse::Constraint show all
Includes:
AclConstraintHelpers
Defined in:
lib/parse/query/constraints.rb

Overview

Note:

This constraint uses aggregation pipeline because Parse Server restricts direct queries on the internal _rperm field.

ACL Read Permission Query Constraint Query objects based on read permissions using MongoDB’s internal _rperm field. Parse Server restricts direct queries on _rperm, so this uses aggregation pipeline.

Examples:

Find objects with NO read permissions (master key only / private)

Song.query.where(:acl.readable_by => [])

Find objects readable by a specific user ID

Song.query.where(:acl.readable_by => "userId123")
Song.query.where(:acl.readable_by => current_user)

Find objects readable by a role

Song.query.where(:acl.readable_by => "role:Admin")

Find objects with public read access

Song.query.where(:acl.readable_by => "*")
Song.query.where(:acl.readable_by => :public)

Find objects readable by ANY of the specified users/roles

Song.query.where(:acl.readable_by => [user1.id, "role:Admin", "*"])

Instance Attribute Summary

Attributes inherited from Parse::Constraint

#operand, #operation, #operator, #value

Instance Method Summary collapse

Methods inherited from Parse::Constraint

#as_json, constraint_keyword, create, formatted_value, #formatted_value, #initialize, #key, #precedence, register, #to_s

Constructor Details

This class inherits a constructor from Parse::Constraint

Instance Method Details

#buildHash

Returns the compiled constraint using aggregation pipeline.

Returns:

  • (Hash)

    the compiled constraint using aggregation pipeline.



3055
3056
3057
3058
3059
3060
3061
3062
3063
3064
3065
3066
3067
3068
3069
3070
3071
3072
3073
3074
3075
3076
3077
3078
3079
3080
3081
3082
3083
3084
 
# File 'lib/parse/query/constraints.rb', line 3055

def build
  keys = normalize_acl_keys(@value)

  if keys.empty?
    # Empty array = no read permissions (master key only)
    # Match documents where _rperm is an empty array
    pipeline = [
      {
        "$match" => {
          "$or" => [
            { "_rperm" => { "$exists" => true, "$eq" => [] } },
            { "_rperm" => { "$exists" => false } },
          ],
        },
      },
    ]
  else
    # Find objects readable by ANY of the specified keys
    # Use $in to match if _rperm contains any of the keys
    pipeline = [
      {
        "$match" => {
          "_rperm" => { "$in" => keys },
        },
      },
    ]
  end

  { "__aggregation_pipeline" => pipeline }
end

#readable_byReadableByConstraint

A registered method on a symbol to create the constraint. NOTE: :readable_by is already registered by ACLReadableByConstraint above. This class provides simplified empty ACL queries and is used internally.

Examples:

q.where :acl.readable_by => []
q.where :acl.readable_by => "userId"
q.where :acl.readable_by => ["userId", "role:Admin"]

Returns:




# File 'lib/parse/query/constraints.rb', line 3044