parse.com中的用户安全性javascript

时间:2016-01-26 10:23:40

标签: javascript angularjs parse-platform

我正在尝试使用angularjs在parse.com上登录用户,登录后会向用户显示一个表单,但是我遇到了问题。 在parse.com上,我将用户“katikati”设置为拥有完全访问权限,而用户“admin”只能执行获取(get)和查找(find)。 正如您在下面的图片中看到的那样。 enter image description here

下面的代码就是我目前的做法:登录,并在用户存在时显示这段html。 但是当我用用户“admin”登录时,我仍然可以发布到我的parse.com帐户。 我做错了什么???

<!DOCTYPE html>
<html>
<head>
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.7/angular.min.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js"></script>

<!-- NOTE(review): unlike the two scripts above, the Parse SDK is fetched over plain
     http and as an unpinned "latest" build, so the script that handles the login form
     is not protected in transit and is not fixed to a reviewed version. Prefer an
     https URL for a pinned release. -->
<script src="http://www.parsecdn.com/js/parse-latest.js"></script>
<meta name="viewport" content="initial-scale=1.0, user-scalable=no">
<meta charset="utf-8">
<title>Testy</title>
<script>
// Configure the Parse JavaScript SDK with the application id and the JavaScript key.
// Both values are embedded in the page source and therefore reach every browser
// that loads it: they identify the app, they do not authorise a particular user.
Parse.initialize("APPID", "JSKEY");

// Login/logout state for the page, kept on $rootScope so that the ng-show / ng-hide
// bindings in the template can read `currentUser`.
// NOTE(review): `currentUser` only decides which markup is visible. Whether a
// signed-in user may write to a class is decided by Parse on the server, not here.
angular.module('AuthApp', []).run(['$rootScope', function($rootScope) {
  // Success callback for Parse.User.logIn.
  function onLoggedIn(user) {
    $rootScope.currentUser = user;
    // This callback is invoked by the Parse SDK rather than by Angular, so the
    // scope change is pushed to the view explicitly.
    $rootScope.$apply();
  }

  // Error callback for Parse.User.logIn; reports the code and message to the user.
  function onLoginFailed(user, error) {
    alert("Unable to log in: " + error.code + " " + error.message);
  }

  $rootScope.scenario = 'Log in';
  // Whatever user the SDK currently reports for this browser, if any.
  $rootScope.currentUser = Parse.User.current();

  // Bound to the "Log in" button; `form` carries the username and password fields.
  $rootScope.logIn = function(form) {
    var callbacks = { success: onLoggedIn, error: onLoginFailed };
    Parse.User.logIn(form.username, form.password, callbacks);
  };

  // Bound to the "Log out" button; the argument is accepted but not used.
  $rootScope.logOut = function(form) {
    Parse.User.logOut();
    $rootScope.currentUser = null;
  };
}]);

</script>

<script type="text/javascript">
$(document).ready(function() {

    // Second SDK initialisation on this page: the first <script> block already
    // calls Parse.initialize with the same placeholder arguments.
    Parse.initialize("APPID", "JSKEY");

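    /**
     * Build a "magazia" record from the business form and save it to Parse.
     *
     * Reads the form controls by element id, parses the "latlon" text
     * ("lat, lng", optionally wrapped in parentheses) into a Parse.GeoPoint and
     * stores the given file in the "image" column.
     *
     * NOTE(review): nothing in this function checks who is signed in. Whether the
     * save is accepted depends on the permissions configured for the "magazia"
     * class on the server; a refused save arrives in the error callback below.
     *
     * @param {Parse.File} objParseFile - File object to store in the "image" column.
     */
    function saveJobApp(objParseFile) {
        // Current value of the form control with the given element id.
        function fieldValue(id) {
            return document.getElementById(id).value;
        }

        // Drop optional parentheses and split on the comma; parseFloat ignores the
        // whitespace that may follow it.
        var parts = fieldValue('latlon').replace(/[\(\)]/g, '').split(',');
        var latitude = parseFloat(parts[0]);
        var longitude = parseFloat(parts[1]);

        // An empty or malformed field parses to NaN; stop before building a
        // GeoPoint from it and sending a record that cannot be valid.
        if (!isFinite(latitude) || !isFinite(longitude)) {
            alert('Please provide the location as "latitude, longitude".');
            return;
        }

        var jobApplication = new Parse.Object("magazia");
        jobApplication.set("image", objParseFile);
        jobApplication.set("email", fieldValue('email'));
        jobApplication.set("phone", fieldValue('phone'));
        jobApplication.set("address", fieldValue('address'));
        jobApplication.set("name", fieldValue('name'));
        jobApplication.set("website", fieldValue('website'));
        jobApplication.set("description", fieldValue('description'));
        jobApplication.set("latlon", new Parse.GeoPoint(latitude, longitude));

        jobApplication.save(null, {
            success: function(savedObject) {
                // Nothing happens after a successful save yet.
                // TODO: pass the id of this "magazia" record on to the events so
                // that they can hold it as a foreign key.
            },
            error: function(failedObject, error) {
                // A Parse.Error carries `code` and `message`; the `description`
                // property read previously does not exist, so the alert showed
                // "undefined" instead of the reason (for example a refused write).
                alert('Failed to create new object, with error code: ' + error.code + ' ' + error.message);
            }
        });
    }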


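    // Submit button: upload the chosen file first, then save the form as a record
    // that references the uploaded file.
    $('#submitId').on("click", function(e) {
        var fileUploadControl = $("#profilePhotoFileUpload")[0];
        var file = fileUploadControl.files[0];

        // Without a selection files[0] is undefined and reading file.name below
        // would throw a TypeError, so stop with a message instead.
        if (!file) {
            alert("Please choose an image before submitting.");
            return;
        }

        // The stored name does not need to be unique.
        // NOTE(review): neither the type nor the size of the file is checked here;
        // any such limit has to be enforced on the server side.
        var parseFile = new Parse.File(file.name, file);

        parseFile.save().then(
            function() {
                saveJobApp(parseFile);
            },
            function(error) {
                // Show the reason for the failure rather than a bare "error".
                var reason = error && error.message ? error.code + " " + error.message : String(error);
                alert("File upload failed: " + reason);
            }
        );
    });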

});
</script>
</head>
<body ng-app="AuthApp">
  <div ng-hide="currentUser">
    <form ng-show="scenario == 'Sign up'">
     <a href="#" ng-click='scenario="Log in"'>Log in</a>
    </form>

    <form ng-show="scenario == 'Log in'">
      <h2>Log in</h2>
      Username: <input type="text" ng-model="user.username" /><br />
      Password: <input type="password" ng-model="user.password" /><br />
      <button ng-click="logIn(user)">Log in</button>
      or <a href="#" ng-click='scenario="Sign up"'>Sign up</a>
    </form>
  </div>

  <div ng-show="currentUser">

    <form id="business_form" method="post">
        <table>
        <tr>
            <td>NAME</td>
            <td><input type="text" id="name"></td>
        </tr>
            <tr>
            <td>Description</td>
            <td><input type="text" id="description"></td>
        </tr>
        <tr>
            <td>Address</td>
            <td><input type="text" id="address"></td>
        </tr>
        <tr>
            <td>LatLon</td>
            <td><input type="text" id="latlon"></td>
        </tr>
        <tr>
            <td>Phone</td>
            <td><input type="text" id="phone"></td>
        </tr>
        <tr>
            <td>Email</td>
            <td><input id="email" name="email" type="email" placeholder="Type your email to create a Mail Link"></td>
        </tr>
        <tr>
            <td>Website</td>
            <td><input type="text" id="website"></td>
        </tr>
        <tr>
            <td>Image</td>
            <td><input type="file" id="profilePhotoFileUpload"></td>
        </tr>
        <tr>
            <td><input type="button" id="submitId" value="submit"></td>
        </tr>
        </table>
    </form>

<input id="pac-input" class="controls" type="text" placeholder="Search Your Place Here">
    <div id="map"></div>
    <script>
// This example adds a search box to a map, using the Google Place Autocomplete
// feature. People can enter geographical searches. The search box will return a
// pick list containing a mix of places and predicted search terms.
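/**
 * Create the map, attach a Places search box to the "pac-input" field and, each
 * time the user picks a result, drop a marker per place and copy the coordinates
 * into the "latlon" form field as "lat, lng".
 *
 * Reads the `google.maps` API and the page's DOM; returns nothing.
 */
function initAutocomplete() {
    var map = new google.maps.Map(document.getElementById('map'), {
        center: { lat: 37.58, lng: 23.43 },
        zoom: 6,
        mapTypeId: google.maps.MapTypeId.ROADMAP
    });

    // Create the search box and link it to the UI element.
    var input = document.getElementById('pac-input');
    var searchBox = new google.maps.places.SearchBox(input);
    map.controls[google.maps.ControlPosition.TOP_LEFT].push(input);

    // Bias the SearchBox results towards current map's viewport.
    map.addListener('bounds_changed', function() {
        searchBox.setBounds(map.getBounds());
    });

    var markers = [];

    // Fired when the user selects a prediction; fetch the details of each place.
    searchBox.addListener('places_changed', function() {
        var places = searchBox.getPlaces();
        if (!places || places.length === 0) {
            return;
        }

        // Clear out the old markers.
        markers.forEach(function(marker) {
            marker.setMap(null);
        });
        markers = [];

        var bounds = new google.maps.LatLngBounds();
        var placedAny = false;

        places.forEach(function(place) {
            // A result without geometry has no coordinates to read; skip it
            // instead of failing on place.geometry.location.
            if (!place.geometry || !place.geometry.location) {
                return;
            }

            var location = place.geometry.location;
            var latlng = location.lat() + ", " + location.lng();
            console.log(latlng);
            // With several places the field ends up holding the last one.
            document.getElementById("latlon").value = latlng;

            // Create a marker for each place.
            markers.push(new google.maps.Marker({
                map: map,
                icon: {
                    url: place.icon,
                    size: new google.maps.Size(71, 71),
                    origin: new google.maps.Point(0, 0),
                    anchor: new google.maps.Point(17, 34),
                    scaledSize: new google.maps.Size(25, 25)
                },
                title: place.name,
                position: location
            }));

            if (place.geometry.viewport) {
                // Only geocodes have viewport.
                bounds.union(place.geometry.viewport);
            } else {
                bounds.extend(location);
            }
            placedAny = true;
        });

        // Leave the view alone when no result contributed any bounds.
        if (placedAny) {
            map.fitBounds(bounds);
        }
    });
}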
    </script>
    <script src="https://maps.googleapis.com/maps/api/js?key=APIKEY&libraries=places&callback=initAutocomplete"
         async defer></script>

    <button ng-click="logOut(user)">Log out</button>
    </div>
</div>
</body>
</html>

我所要做的就是检查用户是否是“katikati”:如果是,他可以将数据发送到我的应用程序;但如果他是“admin”,则根本不能发送任何内容。

更新

当用户登录时,他可以将数据发布到这3个类 enter image description here

我只希望用户“katikati”能够发布到这3个类。

1 个答案:

答案 0 :(得分:1)

您在_User权限中执行的操作仅影响_User类。每个类都有自己的类级别权限(CLP)。要限制用户对某个类的写入或读取,您应该转到该类的设置并更改其CLP。页面中的 ng-show="currentUser" 只是决定表单是否显示,并不限制写入;真正的限制必须由服务器端的CLP来执行。

此外,更好的做法是在应用中定义一些角色(roles),而不是逐个为特定用户配置权限。