Data & Security guide at Parse.com描述了如何控制类和对象级别的访问。我正在寻找一种方法来限制所有用户的类的某些属性的写权限。如何实现这一目标?
我的想法是使用一对一关系并限制对相关类的访问。然而,这并不像规范的方式......
答案 0 :(得分:1)
最简单的方法是使用云代码。您可以这样做:
Parse.Cloud.beforeSave("YourObject", function(request, response)
{
// Find a way to decide if writing is allowed.
var writingForbidden = (request.master === false);
if (writingForbidden)
{
var readOnlyProperties = ["property1", "property2", "property3", "..."];
var dirtyProperties = request.object.dirtyKeys();
for (i = 0 ; i < dirtyProperties.length ; i++) {
var dirtyProperty = dirtyProperties[i];
if (readOnlyProperties.indexOf(dirtyProperty) > -1) {
return response.error("Trying to change a readonly property : " + dirtyProperty);
}
}
}
return response.success();
}