我想要实现的功能是
这就是我试图在云代码中实现这一目标的方法
使用管理员和用户ACL创建两个虚拟对象,下面是这两个步骤的代码
Parse.Cloud.afterSave("account", function(request) {
var accountName = request.object.get("name");
//create admin role
var adminRoleACL = new Parse.ACL();
adminRoleACL.setPublicReadAccess(false);
adminRoleACL.setPublicWriteAccess(false);
var adminRole = new Parse.Role(accountName + ADMINISTRATOR, adminRoleACL);
adminRole.save();
//create user role
var userRoleACL = new Parse.ACL();
userRoleACL.setPublicReadAccess(false);
userRoleACL.setPublicWriteAccess(false);
var userRole = new Parse.Role(accountName + USER, userRoleACL);
userRole.save();
// create dummy object for each role with access to only that role
// we will use these dummy objects in cloud code to figure out whether
// the user belongs to that group.
//create dummy for admin
var dummy = new Dummy();
dummy.set("name", accountName + ADMINISTRATOR + DUMMY);
var dummyACL = new Parse.ACL();
dummyACL.setPublicReadAccess(false);
dummyACL.setRoleReadAccess(adminRole, true);
dummy.setACL(dummyACL);
dummy.save();
//create dummy for user
dummy = new Dummy();
dummy.set("name", accountName + USER + DUMMY);
dummyACL = new Parse.ACL();
dummyACL.setPublicReadAccess(false);
dummyACL.setRoleReadAccess(userRole, true);
dummy.setACL(dummyACL);
dummy.save();
});
创建帐户后,我将此用户添加到管理员和用户组,这里是代码
Parse.Cloud.define("addUsersToRole", function(request, response) {
Parse.Cloud.useMasterKey();
var currentUser = request.user;
var accountName = request.params.accountname;
var query = new Parse.Query(Parse.Role);
query.contains("name", accountName);
query.find({
success : function(roles) {
console.log("roles: " + roles.length);
for (var i = 0; i < roles.length; i++) {
roles[i].getUsers().add(currentUser);
roles[i].save();
}
response.success();
},
error : function(error) {
response.error("error adding to admin role " + error);
}
});
});
现在,当我尝试进行注册时,我只想检查当前用户是否可以找到已创建的管理虚拟对象(因为该ACL设置为仅由管理员角色访问)。如果可以读取对象那么它应该意味着当前用户属于admin角色吗?这是代码
Parse.Cloud.define("inviteToSignUp", function(request, response) {
var userEmail = request.params.email;
var currentUser = request.user;
var accountName = currentUser.get("accountname");
//do it only if the user is admin
var query = new Parse.Query(Dummy);
query.equalTo("name", + accountName + ADMINISTRATOR + DUMMY);
query.first({
success : function(dummy) {
if(dummy) {
sendSignupEmail(userEmail, currentUser, request, response);
} else {
response.error("Invitation failed. You don't have the priviledges to add new user. Please contact your administrator'");
}
},
error : function(error) {
response.error("error while inviting users. " + error.message);
}
})
});
现在的问题是,即使管理员用户登录了创建的虚拟对象,也不会在上述方法的查询中返回。 有什么我想念的吗?有没有更好的方法来实现这个功能?
我检查了数据浏览器,我可以看到正在创建的两个角色,用户是这两个组的成员。我还看到,使用这两个ACL
创建了两个虚拟对象