Class: Parse::Constraint::ReadableByConstraint

Inherits:
Parse::Constraint show all
Includes:
AclConstraintHelpers
Defined in:
lib/parse/query/constraints.rb

Overview

Note:

This constraint uses aggregation pipeline because Parse Server restricts direct queries on the internal _rperm field.

ACL Read Permission Query Constraint Query objects based on read permissions using MongoDB's internal _rperm field. Parse Server restricts direct queries on _rperm, so this uses aggregation pipeline.

Examples:

Find objects with NO read permissions (master key only / private)

Song.query.where(:acl.readable_by => [])

Find objects readable by a specific user ID

Song.query.where(:acl.readable_by => "userId123")
Song.query.where(:acl.readable_by => current_user)

Find objects readable by a role

Song.query.where(:acl.readable_by => "role:Admin")

Find objects with public read access

Song.query.where(:acl.readable_by => "*")
Song.query.where(:acl.readable_by => :public)

Find objects readable by ANY of the specified users/roles

Song.query.where(:acl.readable_by => [user1.id, "role:Admin", "*"])

Instance Attribute Summary

Attributes inherited from Parse::Constraint

#operand, #operation, #operator, #value

Instance Method Summary collapse

Methods inherited from Parse::Constraint

#as_json, constraint_keyword, create, formatted_value, #formatted_value, #initialize, #key, #precedence, register, #to_s

Constructor Details

This class inherits a constructor from Parse::Constraint

Instance Method Details

#buildHash

Returns the compiled constraint using aggregation pipeline.

Returns:

  • (Hash)

    the compiled constraint using aggregation pipeline.



3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
 
# File 'lib/parse/query/constraints.rb', line 3086

def build
  keys = normalize_acl_keys(@value)

  if keys.empty?
    # Empty array = no read permissions (master key only)
    # Match documents where _rperm is an empty array
    pipeline = [
      {
        "$match" => {
          "$or" => [
            { "_rperm" => { "$exists" => true, "$eq" => [] } },
            { "_rperm" => { "$exists" => false } },
          ],
        },
      },
    ]
  else
    # Find objects readable by ANY of the specified keys
    # Use $in to match if _rperm contains any of the keys
    pipeline = [
      {
        "$match" => {
          "_rperm" => { "$in" => keys },
        },
      },
    ]
  end

  { "__aggregation_pipeline" => pipeline }
end

#readable_byReadableByConstraint

A registered method on a symbol to create the constraint. NOTE: :readable_by is already registered by ACLReadableByConstraint above. This class provides simplified empty ACL queries and is used internally.

Examples:

q.where :acl.readable_by => []
q.where :acl.readable_by => "userId"
q.where :acl.readable_by => ["userId", "role:Admin"]

Returns:




# File 'lib/parse/query/constraints.rb', line 3075