Merge pull request #137 from back4app/fix-permission-admin-setup

davimacedo · web-flow · commit 20181d3f08f3 · 2019-02-22T14:01:51.000-08:00
fix: Use master key on admin setup
diff --git a/src/dashboard/B4aAdminPage/B4aAdminPage.react.js b/src/dashboard/B4aAdminPage/B4aAdminPage.react.js
@@ -58,7 +58,7 @@ class B4aAdminPage extends DashboardView {
 
     const queryRole = new Parse.Query(Parse.Role)
     queryRole.equalTo('name', adminParams.adminRole)
-    const result = await queryRole.first()
+    const result = await queryRole.first({ useMasterKey: true })
     return !!result
   }
 
@@ -70,14 +70,14 @@ class B4aAdminPage extends DashboardView {
     roleACL.setPublicWriteAccess(true)
     const role = new Parse.Role(adminParams.adminRole, roleACL)
     role.getUsers().add([admin])
-    return await role.save()
+    return await role.save(undefined, { useMasterKey: true })
   }
 
   async createUser(user) {
     const admin = new Parse.User()
     admin.set('username', user.username)
     admin.set('password', user.password)
-    return await admin.signUp()
+    return await admin.signUp(undefined, { useMasterKey: true })
   }
 
   async setClassLevelPermission() {
@@ -101,7 +101,7 @@ class B4aAdminPage extends DashboardView {
         Object.entries(row).forEach(([key, value]) => {
           newObject.set(key, value)
         })
-        promises.push(newObject.save())
+        promises.push(newObject.save(undefined, { useMasterKey: true }))
       }
     }
     // wait until each object has been saved properly

Original file line number	Diff line number	Diff line change
`@@ -58,7 +58,7 @@ class B4aAdminPage extends DashboardView {`
`58`	`58`
`59`	`59`	`const queryRole = new Parse.Query(Parse.Role)`
`60`	`60`	`queryRole.equalTo('name', adminParams.adminRole)`
`61`		`- const result = await queryRole.first()`
	`61`	`+ const result = await queryRole.first({ useMasterKey: true })`
`62`	`62`	`return !!result`
`63`	`63`	`}`
`64`	`64`
`@@ -70,14 +70,14 @@ class B4aAdminPage extends DashboardView {`
`70`	`70`	`roleACL.setPublicWriteAccess(true)`
`71`	`71`	`const role = new Parse.Role(adminParams.adminRole, roleACL)`
`72`	`72`	`role.getUsers().add([admin])`
`73`		`- return await role.save()`
	`73`	`+ return await role.save(undefined, { useMasterKey: true })`
`74`	`74`	`}`
`75`	`75`
`76`	`76`	`async createUser(user) {`
`77`	`77`	`const admin = new Parse.User()`
`78`	`78`	`admin.set('username', user.username)`
`79`	`79`	`admin.set('password', user.password)`
`80`		`- return await admin.signUp()`
	`80`	`+ return await admin.signUp(undefined, { useMasterKey: true })`
`81`	`81`	`}`
`82`	`82`
`83`	`83`	`async setClassLevelPermission() {`
`@@ -101,7 +101,7 @@ class B4aAdminPage extends DashboardView {`
`101`	`101`	`Object.entries(row).forEach(([key, value]) => {`
`102`	`102`	`newObject.set(key, value)`
`103`	`103`	`})`
`104`		`- promises.push(newObject.save())`
	`104`	`+ promises.push(newObject.save(undefined, { useMasterKey: true }))`
`105`	`105`	`}`
`106`	`106`	`}`
`107`	`107`	`// wait until each object has been saved properly`