Class: Parse::Constraint::ACLWritableByConstraint

Inherits:
Constraint
  • Object
show all
Defined in:
lib/parse/query/constraints.rb

Overview

A constraint for filtering objects based on ACL write permissions. This constraint queries the MongoDB _wperm field directly. Strings are used as exact permission values (user IDs or "role:RoleName" format).

For role-based filtering with automatic "role:" prefix, use writable_by_role instead.

Find objects writable by a specific user object (fetches user's roles automatically)

Post.where(:ACL.writable_by => user)

Find objects writable by exact permission strings (no prefix added)

Post.where(:ACL.writable_by => "user123") # User ID Post.where(:ACL.writable_by => "role:Admin") # Role with explicit prefix Post.where(:ACL.writable_by => ["user123", "role:Admin"])

Instance Method Summary collapse

Instance Method Details

#buildHash

Returns the compiled constraint using _wperm field.

Returns:

  • (Hash)

    the compiled constraint using _wperm field.



2752
2753
2754
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
 
# File 'lib/parse/query/constraints.rb', line 2752

def build
  # Use @value directly to preserve type information before
  # formatted_value converts to pointers.
  value = @value

  # Special case: "none" matches objects whose _wperm is an empty
  # array — master-key-only documents. See {ACLReadableByConstraint#build}.
  if value.is_a?(String) && value == "none"
    pipeline = [{ "$match" => { "_wperm" => { "$eq" => [] } } }]
    return { "__aggregation_pipeline" => pipeline }
  end

  permissions = ACLPermissions.collect(value)
  ACLPermissions.pipeline(permissions, field: "_wperm")
end

#writable_byACLWritableByConstraint

A registered method on a symbol to create the constraint.

Examples:

q.where :ACL.writable_by => user_or_permission_strings

Returns:



2749
 
# File 'lib/parse/query/constraints.rb', line 2749

register :writable_by