Class: Parse::Constraint::ACLReadableByConstraint

Inherits:

Parse::Constraint

• Object
• Parse::Constraint
• Parse::Constraint::ACLReadableByConstraint

Defined in:

lib/parse/query/constraints.rb

Overview

A constraint for filtering objects based on ACL read permissions. This constraint queries the MongoDB _rperm field directly. Strings are used as exact permission values (user IDs or "role:RoleName" format).

For role-based filtering with automatic "role:" prefix, use readable_by_role instead.

# Find objects readable by a specific user object (fetches user's roles automatically) Post.where(:ACL.readable_by => user)

# Find objects readable by exact permission strings (no prefix added) Post.where(:ACL.readable_by => "user123") # User ID Post.where(:ACL.readable_by => "role:Admin") # Role with explicit prefix Post.where(:ACL.readable_by => ["user123", "role:Admin"])

Direct Known Subclasses

ACLReadableByExactConstraint, ReadableByConstraint

Instance Attribute Summary

Attributes inherited from Parse::Constraint

#operand, #operation, #operator, #value

Instance Method Summary

• #build ⇒ Hash

  The compiled constraint using _rperm field.

• #readable_by ⇒ ACLReadableByConstraint

  A registered method on a symbol to create the constraint.

• #strict? ⇒ Boolean

  Whether to compile an EXACT match (suppress the implicit public +"*"+ grant and the missing-field branch).

Methods inherited from Parse::Constraint

#as_json, constraint_keyword, create, formatted_value, #formatted_value, #initialize, #key, #precedence, #regex_unicode_option, register, #to_s

Constructor Details

This class inherits a constructor from Parse::Constraint

Instance Method Details

#build ⇒ Hash

Returns the compiled constraint using _rperm field.

Returns:

• (Hash) —

  the compiled constraint using _rperm field.

# File 'lib/parse/query/constraints.rb', line 2841

def build
  # Use @value directly to preserve type information before
  # formatted_value converts to pointers.
  value = @value

  # "No permissions" intent (nil / [] / "none" / :none) matches
  # objects whose _rperm is an explicit empty array — master-key-only
  # documents. A missing _rperm is public (the opposite of "none"), so
  # {ACLPermissions.empty_pipeline} deliberately does NOT match it.
  return ACLPermissions.empty_pipeline(field: "_rperm") if ACLPermissions.empty_intent?(value)

  permissions = ACLPermissions.collect(value)
  ACLPermissions.pipeline(permissions, field: "_rperm", strict: strict?)
end

#readable_by ⇒ ACLReadableByConstraint

A registered method on a symbol to create the constraint.

Examples:

q.where :ACL.readable_by => user_or_permission_strings

Returns:

• (ACLReadableByConstraint)

# File 'lib/parse/query/constraints.rb', line 2831

register :readable_by

#strict? ⇒ Boolean

Returns whether to compile an EXACT match (suppress the implicit public +"*"+ grant and the missing-field branch). Overridden by Parse::Constraint::ACLReadableByExactConstraint.

Returns:

• (Boolean) —

  whether to compile an EXACT match (suppress the implicit public +"*"+ grant and the missing-field branch). Overridden by Parse::Constraint::ACLReadableByExactConstraint.

# File 'lib/parse/query/constraints.rb', line 2836

def strict?
  false
end