src/Routers/ClassesRouter.js


import PromiseRouter from '../PromiseRouter';
import rest          from '../rest';
import _             from 'lodash';
import Parse         from 'parse/node';

const ALLOWED_GET_QUERY_KEYS = ['keys', 'include'];

export class ClassesRouter extends PromiseRouter {

  className(req) {
    return req.params.className;
  }

  handleFind(req) {
    const body = Object.assign(req.body, ClassesRouter.JSONFromQuery(req.query));
    const options = ClassesRouter.optionsFromBody(body);
    if (req.config.maxLimit && (body.limit > req.config.maxLimit)) {
      // Silently replace the limit on the query with the max configured
      options.limit = Number(req.config.maxLimit);
    }
    if (body.redirectClassNameForKey) {
      options.redirectClassNameForKey = String(body.redirectClassNameForKey);
    }
    if (typeof body.where === 'string') {
      body.where = JSON.parse(body.where);
    }
    return rest.find(req.config, req.auth, this.className(req), body.where, options, req.info.clientSDK)
      .then((response) => {
        return { response: response };
      });
  }

  // Returns a promise for a {response} object.
  handleGet(req) {
    const body = Object.assign(req.body, ClassesRouter.JSONFromQuery(req.query));
    const options = {};

    for (const key of Object.keys(body)) {
      if (ALLOWED_GET_QUERY_KEYS.indexOf(key) === -1) {
        throw new Parse.Error(Parse.Error.INVALID_QUERY, 'Improper encode of parameter');
      }
    }

    if (typeof body.keys == 'string') {
      options.keys = body.keys;
    }
    if (body.include) {
      options.include = String(body.include);
    }

    return rest.get(req.config, req.auth, this.className(req), req.params.objectId, options, req.info.clientSDK)
      .then((response) => {
        if (!response.results || response.results.length == 0) {
          throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Object not found.');
        }

        if (this.className(req) === "_User") {

          delete response.results[0].sessionToken;

          const user =  response.results[0];

          if (req.auth.user && user.objectId == req.auth.user.id) {
            // Force the session token
            response.results[0].sessionToken = req.info.sessionToken;
          }
        }
        return { response: response.results[0] };
      });
  }

  handleCreate(req) {
    return rest.create(req.config, req.auth, this.className(req), req.body, req.info.clientSDK);
  }

  handleUpdate(req) {
    const where = { objectId: req.params.objectId }
    return rest.update(req.config, req.auth, this.className(req), where, req.body, req.info.clientSDK);
  }

  handleDelete(req) {
    return rest.del(req.config, req.auth, this.className(req), req.params.objectId, req.info.clientSDK)
      .then(() => {
        return {response: {}};
      });
  }

  static JSONFromQuery(query) {
    const json = {};
    for (const [key, value] of _.entries(query)) {
      try {
        json[key] = JSON.parse(value);
      } catch (e) {
        json[key] = value;
      }
    }
    return json
  }

  static optionsFromBody(body) {
    const allowConstraints = ['skip', 'limit', 'order', 'count', 'keys',
      'include', 'redirectClassNameForKey', 'where'];

    for (const key of Object.keys(body)) {
      if (allowConstraints.indexOf(key) === -1) {
        throw new Parse.Error(Parse.Error.INVALID_QUERY, `Invalid parameter for query: ${key}`);
      }
    }
    const options = {};
    if (body.skip) {
      options.skip = Number(body.skip);
    }
    if (body.limit || body.limit === 0) {
      options.limit = Number(body.limit);
    } else {
      options.limit = Number(100);
    }
    if (body.order) {
      options.order = String(body.order);
    }
    if (body.count) {
      options.count = true;
    }
    if (typeof body.keys == 'string') {
      options.keys = body.keys;
    }
    if (body.include) {
      options.include = String(body.include);
    }
    return options;
  }

  mountRoutes() {
    this.route('GET', '/classes/:className', (req) => { return this.handleFind(req); });
    this.route('GET', '/classes/:className/:objectId', (req) => { return this.handleGet(req); });
    this.route('POST', '/classes/:className', (req) => { return this.handleCreate(req); });
    this.route('PUT', '/classes/:className/:objectId', (req) => { return this.handleUpdate(req); });
    this.route('DELETE',  '/classes/:className/:objectId', (req) => { return this.handleDelete(req); });
  }
}

export default ClassesRouter;
Restructure ClassesRouter as a class. 2016-02-09 20:45:02 -08:00
			`import PromiseRouter from '../PromiseRouter';`
Ignore _RevoableSession "header" that is sent by JS SDK. Fixes #1548. (#1627) 2016-04-25 12:52:21 -07:00			`import rest from '../rest';`
Removes dependency upon babel-polyfills (#2731) * Removes runtime dependency babel-polyfill (#2692) * Removes runtime dependency babel-polyfill * removes references to polyfilled array includes * Better support for polyfilling * Removes unnecessary log * Adds killswitch if tests are polyfilled * Reverts usage of includes on strings 2016-09-24 13:53:15 -04:00			`import _ from 'lodash';`
Adds liniting into the workflow (#3082) * initial linting of src * fix indent to 2 spaces * Removes unnecessary rules * ignore spec folder for now * Spec linting * Fix spec indent * nits * nits * no no-empty rule 2016-11-24 15:47:41 -05:00			`import Parse from 'parse/node';`
Throw error when query with wrongly encoded parameter 2016-02-17 02:52:32 +08:00
Put the allowed query keys for get in a constant. 2016-04-01 11:51:42 -04:00			`const ALLOWED_GET_QUERY_KEYS = ['keys', 'include'];`

Refactors routers 2016-02-19 23:47:44 -05:00			`export class ClassesRouter extends PromiseRouter {`
Ignore _RevoableSession "header" that is sent by JS SDK. Fixes #1548. (#1627) 2016-04-25 12:52:21 -07:00
Finding areas that are untested and need love (#4131) * Makes InstallationRouter like others * Adds testing for Range file requests - Fixes issue with small requests (0-2) * Revert "Makes InstallationRouter like others" This reverts commit e2d2a16ebf2757db6138c7b5b33c97c56c69ead6. * Better handling of errors in FilesRouter * Fix incorrectness in range requests * Better/simpler logic * Only on mongo at it requires Gridstore * Open file streaming to all adapters supporting it * Improves coverage of parsers * Ensures depreciation warning is effective * Removes unused function * de-duplicate logic * Removes necessity of overriding req.params.className on subclasses routers * Use babel-preset-env to ensure min-version compatible code * removes dead code * Leverage indexes in order to infer which field is duplicated upon signup - A note mentioned that it would be possible to leverage using the indexes on username/email to infer which is duplicated * Small nit * Better template to match column name * Restores original implementation for safety * nits 2017-09-05 17:51:11 -04:00			`className(req) {`
			`return req.params.className;`
			`}`

Restructure ClassesRouter as a class. 2016-02-09 20:45:02 -08:00			`handleFind(req) {`
Enable prefer-const lint rule (#3202) 2016-12-07 15:17:05 -08:00			`const body = Object.assign(req.body, ClassesRouter.JSONFromQuery(req.query));`
Finding areas that are untested and need love (#4131) * Makes InstallationRouter like others * Adds testing for Range file requests - Fixes issue with small requests (0-2) * Revert "Makes InstallationRouter like others" This reverts commit e2d2a16ebf2757db6138c7b5b33c97c56c69ead6. * Better handling of errors in FilesRouter * Fix incorrectness in range requests * Better/simpler logic * Only on mongo at it requires Gridstore * Open file streaming to all adapters supporting it * Improves coverage of parsers * Ensures depreciation warning is effective * Removes unused function * de-duplicate logic * Removes necessity of overriding req.params.className on subclasses routers * Use babel-preset-env to ensure min-version compatible code * removes dead code * Leverage indexes in order to infer which field is duplicated upon signup - A note mentioned that it would be possible to leverage using the indexes on username/email to infer which is duplicated * Small nit * Better template to match column name * Restores original implementation for safety * nits 2017-09-05 17:51:11 -04:00			`const options = ClassesRouter.optionsFromBody(body);`
Add maxLimit server configuration (#4048) * Add maxLimit server configuration * Fix maxlimit validation logic to correctly handle maxLimit:0 case 2017-10-02 06:23:09 -07:00			`if (req.config.maxLimit && (body.limit > req.config.maxLimit)) {`
			`// Silently replace the limit on the query with the max configured`
			`options.limit = Number(req.config.maxLimit);`
			`}`
Restructure ClassesRouter as a class. 2016-02-09 20:45:02 -08:00			`if (body.redirectClassNameForKey) {`
			`options.redirectClassNameForKey = String(body.redirectClassNameForKey);`
			`}`
			`if (typeof body.where === 'string') {`
			`body.where = JSON.parse(body.where);`
			`}`
Finding areas that are untested and need love (#4131) * Makes InstallationRouter like others * Adds testing for Range file requests - Fixes issue with small requests (0-2) * Revert "Makes InstallationRouter like others" This reverts commit e2d2a16ebf2757db6138c7b5b33c97c56c69ead6. * Better handling of errors in FilesRouter * Fix incorrectness in range requests * Better/simpler logic * Only on mongo at it requires Gridstore * Open file streaming to all adapters supporting it * Improves coverage of parsers * Ensures depreciation warning is effective * Removes unused function * de-duplicate logic * Removes necessity of overriding req.params.className on subclasses routers * Use babel-preset-env to ensure min-version compatible code * removes dead code * Leverage indexes in order to infer which field is duplicated upon signup - A note mentioned that it would be possible to leverage using the indexes on username/email to infer which is duplicated * Small nit * Better template to match column name * Restores original implementation for safety * nits 2017-09-05 17:51:11 -04:00			`return rest.find(req.config, req.auth, this.className(req), body.where, options, req.info.clientSDK)`
Restructure ClassesRouter as a class. 2016-02-09 20:45:02 -08:00			`.then((response) => {`
			`return { response: response };`
			`});`
			`}`

			`// Returns a promise for a {response} object.`
			`handleGet(req) {`
Enable prefer-const lint rule (#3202) 2016-12-07 15:17:05 -08:00			`const body = Object.assign(req.body, ClassesRouter.JSONFromQuery(req.query));`
			`const options = {};`
Allow queries on specific objects to user the include and keys query parameters. 2016-03-30 13:50:36 -04:00
Enable prefer-const lint rule (#3202) 2016-12-07 15:17:05 -08:00			`for (const key of Object.keys(body)) {`
Put the allowed query keys for get in a constant. 2016-04-01 11:51:42 -04:00			`if (ALLOWED_GET_QUERY_KEYS.indexOf(key) === -1) {`
Allow queries on specific objects to user the include and keys query parameters. 2016-03-30 13:50:36 -04:00			`throw new Parse.Error(Parse.Error.INVALID_QUERY, 'Improper encode of parameter');`
			`}`
			`}`

			`if (typeof body.keys == 'string') {`
			`options.keys = body.keys;`
			`}`
			`if (body.include) {`
			`options.include = String(body.include);`
			`}`

Finding areas that are untested and need love (#4131) * Makes InstallationRouter like others * Adds testing for Range file requests - Fixes issue with small requests (0-2) * Revert "Makes InstallationRouter like others" This reverts commit e2d2a16ebf2757db6138c7b5b33c97c56c69ead6. * Better handling of errors in FilesRouter * Fix incorrectness in range requests * Better/simpler logic * Only on mongo at it requires Gridstore * Open file streaming to all adapters supporting it * Improves coverage of parsers * Ensures depreciation warning is effective * Removes unused function * de-duplicate logic * Removes necessity of overriding req.params.className on subclasses routers * Use babel-preset-env to ensure min-version compatible code * removes dead code * Leverage indexes in order to infer which field is duplicated upon signup - A note mentioned that it would be possible to leverage using the indexes on username/email to infer which is duplicated * Small nit * Better template to match column name * Restores original implementation for safety * nits 2017-09-05 17:51:11 -04:00			`return rest.get(req.config, req.auth, this.className(req), req.params.objectId, options, req.info.clientSDK)`
Restructure ClassesRouter as a class. 2016-02-09 20:45:02 -08:00			`.then((response) => {`
			`if (!response.results \|\| response.results.length == 0) {`
			`throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Object not found.');`
			`}`
Ignore _RevoableSession "header" that is sent by JS SDK. Fixes #1548. (#1627) 2016-04-25 12:52:21 -07:00
Finding areas that are untested and need love (#4131) * Makes InstallationRouter like others * Adds testing for Range file requests - Fixes issue with small requests (0-2) * Revert "Makes InstallationRouter like others" This reverts commit e2d2a16ebf2757db6138c7b5b33c97c56c69ead6. * Better handling of errors in FilesRouter * Fix incorrectness in range requests * Better/simpler logic * Only on mongo at it requires Gridstore * Open file streaming to all adapters supporting it * Improves coverage of parsers * Ensures depreciation warning is effective * Removes unused function * de-duplicate logic * Removes necessity of overriding req.params.className on subclasses routers * Use babel-preset-env to ensure min-version compatible code * removes dead code * Leverage indexes in order to infer which field is duplicated upon signup - A note mentioned that it would be possible to leverage using the indexes on username/email to infer which is duplicated * Small nit * Better template to match column name * Restores original implementation for safety * nits 2017-09-05 17:51:11 -04:00			`if (this.className(req) === "_User") {`
Ignore _RevoableSession "header" that is sent by JS SDK. Fixes #1548. (#1627) 2016-04-25 12:52:21 -07:00
Fix session token issue In _User collection a field _session_token is present and if you fetch the user data form server, this field override the sessionToken saved in your browser. If you don't fetch the user, all request to server contain the right sessionToken and if you fetch the user data from the server, all next requests will contain the wrong sessionToken come form the _session_token in user data fetched. 2016-02-11 20:32:31 -05:00			`delete response.results[0].sessionToken;`
Ignore _RevoableSession "header" that is sent by JS SDK. Fixes #1548. (#1627) 2016-04-25 12:52:21 -07:00
Fix missing session token when fetching a _User 2016-02-18 10:54:53 -05:00			`const user = response.results[0];`
Ignore _RevoableSession "header" that is sent by JS SDK. Fixes #1548. (#1627) 2016-04-25 12:52:21 -07:00
Fix missing session token when fetching a _User 2016-02-18 10:54:53 -05:00			`if (req.auth.user && user.objectId == req.auth.user.id) {`
			`// Force the session token`
			`response.results[0].sessionToken = req.info.sessionToken;`
			`}`
Ignore _RevoableSession "header" that is sent by JS SDK. Fixes #1548. (#1627) 2016-04-25 12:52:21 -07:00			`}`
Restructure ClassesRouter as a class. 2016-02-09 20:45:02 -08:00			`return { response: response.results[0] };`
			`});`
			`}`

			`handleCreate(req) {`
Finding areas that are untested and need love (#4131) * Makes InstallationRouter like others * Adds testing for Range file requests - Fixes issue with small requests (0-2) * Revert "Makes InstallationRouter like others" This reverts commit e2d2a16ebf2757db6138c7b5b33c97c56c69ead6. * Better handling of errors in FilesRouter * Fix incorrectness in range requests * Better/simpler logic * Only on mongo at it requires Gridstore * Open file streaming to all adapters supporting it * Improves coverage of parsers * Ensures depreciation warning is effective * Removes unused function * de-duplicate logic * Removes necessity of overriding req.params.className on subclasses routers * Use babel-preset-env to ensure min-version compatible code * removes dead code * Leverage indexes in order to infer which field is duplicated upon signup - A note mentioned that it would be possible to leverage using the indexes on username/email to infer which is duplicated * Small nit * Better template to match column name * Restores original implementation for safety * nits 2017-09-05 17:51:11 -04:00			`return rest.create(req.config, req.auth, this.className(req), req.body, req.info.clientSDK);`
Restructure ClassesRouter as a class. 2016-02-09 20:45:02 -08:00			`}`

			`handleUpdate(req) {`
fix(Users): Makes sure verifying emails triggers hooks and liveQuery (#3851) * Use RestWrite when verifying emails so hooks are called (as master) * Fixes tests for postgres * nit * Makes rest.update support a full where instead of objectId * Use rest.update to guaranteed proper beforeSave and liveQuery calls 2017-05-28 20:34:49 -04:00			`const where = { objectId: req.params.objectId }`
Finding areas that are untested and need love (#4131) * Makes InstallationRouter like others * Adds testing for Range file requests - Fixes issue with small requests (0-2) * Revert "Makes InstallationRouter like others" This reverts commit e2d2a16ebf2757db6138c7b5b33c97c56c69ead6. * Better handling of errors in FilesRouter * Fix incorrectness in range requests * Better/simpler logic * Only on mongo at it requires Gridstore * Open file streaming to all adapters supporting it * Improves coverage of parsers * Ensures depreciation warning is effective * Removes unused function * de-duplicate logic * Removes necessity of overriding req.params.className on subclasses routers * Use babel-preset-env to ensure min-version compatible code * removes dead code * Leverage indexes in order to infer which field is duplicated upon signup - A note mentioned that it would be possible to leverage using the indexes on username/email to infer which is duplicated * Small nit * Better template to match column name * Restores original implementation for safety * nits 2017-09-05 17:51:11 -04:00			`return rest.update(req.config, req.auth, this.className(req), where, req.body, req.info.clientSDK);`
Restructure ClassesRouter as a class. 2016-02-09 20:45:02 -08:00			`}`

			`handleDelete(req) {`
Finding areas that are untested and need love (#4131) * Makes InstallationRouter like others * Adds testing for Range file requests - Fixes issue with small requests (0-2) * Revert "Makes InstallationRouter like others" This reverts commit e2d2a16ebf2757db6138c7b5b33c97c56c69ead6. * Better handling of errors in FilesRouter * Fix incorrectness in range requests * Better/simpler logic * Only on mongo at it requires Gridstore * Open file streaming to all adapters supporting it * Improves coverage of parsers * Ensures depreciation warning is effective * Removes unused function * de-duplicate logic * Removes necessity of overriding req.params.className on subclasses routers * Use babel-preset-env to ensure min-version compatible code * removes dead code * Leverage indexes in order to infer which field is duplicated upon signup - A note mentioned that it would be possible to leverage using the indexes on username/email to infer which is duplicated * Small nit * Better template to match column name * Restores original implementation for safety * nits 2017-09-05 17:51:11 -04:00			`return rest.del(req.config, req.auth, this.className(req), req.params.objectId, req.info.clientSDK)`
Restructure ClassesRouter as a class. 2016-02-09 20:45:02 -08:00			`.then(() => {`
			`return {response: {}};`
			`});`
			`}`
Fix passing parameters via URL query when querying for objects. 2016-02-20 23:46:05 -08:00
			`static JSONFromQuery(query) {`
Enable prefer-const lint rule (#3202) 2016-12-07 15:17:05 -08:00			`const json = {};`
			`for (const [key, value] of _.entries(query)) {`
Fix passing parameters via URL query when querying for objects. 2016-02-20 23:46:05 -08:00			`try {`
			`json[key] = JSON.parse(value);`
			`} catch (e) {`
			`json[key] = value;`
			`}`
			`}`
			`return json`
			`}`
Ignore _RevoableSession "header" that is sent by JS SDK. Fixes #1548. (#1627) 2016-04-25 12:52:21 -07:00
Finding areas that are untested and need love (#4131) * Makes InstallationRouter like others * Adds testing for Range file requests - Fixes issue with small requests (0-2) * Revert "Makes InstallationRouter like others" This reverts commit e2d2a16ebf2757db6138c7b5b33c97c56c69ead6. * Better handling of errors in FilesRouter * Fix incorrectness in range requests * Better/simpler logic * Only on mongo at it requires Gridstore * Open file streaming to all adapters supporting it * Improves coverage of parsers * Ensures depreciation warning is effective * Removes unused function * de-duplicate logic * Removes necessity of overriding req.params.className on subclasses routers * Use babel-preset-env to ensure min-version compatible code * removes dead code * Leverage indexes in order to infer which field is duplicated upon signup - A note mentioned that it would be possible to leverage using the indexes on username/email to infer which is duplicated * Small nit * Better template to match column name * Restores original implementation for safety * nits 2017-09-05 17:51:11 -04:00			`static optionsFromBody(body) {`
			`const allowConstraints = ['skip', 'limit', 'order', 'count', 'keys',`
			`'include', 'redirectClassNameForKey', 'where'];`

			`for (const key of Object.keys(body)) {`
			`if (allowConstraints.indexOf(key) === -1) {`
			throw new Parse.Error(Parse.Error.INVALID_QUERY, `Invalid parameter for query: ${key}`);
			`}`
			`}`
			`const options = {};`
			`if (body.skip) {`
			`options.skip = Number(body.skip);`
			`}`
			`if (body.limit \|\| body.limit === 0) {`
			`options.limit = Number(body.limit);`
			`} else {`
			`options.limit = Number(100);`
			`}`
			`if (body.order) {`
			`options.order = String(body.order);`
			`}`
			`if (body.count) {`
			`options.count = true;`
			`}`
			`if (typeof body.keys == 'string') {`
			`options.keys = body.keys;`
			`}`
			`if (body.include) {`
			`options.include = String(body.include);`
			`}`
			`return options;`
			`}`

Refactors routers 2016-02-19 23:47:44 -05:00			`mountRoutes() {`
			`this.route('GET', '/classes/:className', (req) => { return this.handleFind(req); });`
			`this.route('GET', '/classes/:className/:objectId', (req) => { return this.handleGet(req); });`
			`this.route('POST', '/classes/:className', (req) => { return this.handleCreate(req); });`
			`this.route('PUT', '/classes/:className/:objectId', (req) => { return this.handleUpdate(req); });`
			`this.route('DELETE', '/classes/:className/:objectId', (req) => { return this.handleDelete(req); });`
Restructure ClassesRouter as a class. 2016-02-09 20:45:02 -08:00			`}`
			`}`

			`export default ClassesRouter;`