Class: Parse::Constraint::NotReadableByConstraint

Inherits:
Constraint
  • Object
show all
Defined in:
lib/parse/query/constraints.rb

Overview

Note:

"Not readable by X" excludes rows readable by X directly, via any role X inherits, AND publicly — so a User value expands its roles and the public +"*"+ is always added to the exclusion set.

Note:

This constraint uses aggregation pipeline because Parse Server restricts direct queries on the internal _rperm field.

ACL NOT Readable By Constraint Query objects that are NOT readable by the specified users/roles. Useful for finding objects hidden from specific users.

Examples:

Find objects NOT readable by a user (hidden from them)

Song.query.where(:acl.not_readable_by => current_user)

Find objects NOT publicly readable

Song.query.where(:acl.not_readable_by => "*")
Song.query.where(:acl.not_readable_by => :public)

Instance Method Summary collapse

Instance Method Details

#buildObject



3232
3233
3234
3235
3236
3237
3238
3239
3240
3241
3242
3243
3244
3245
3246
3247
3248
3249
3250
3251
3252
# File 'lib/parse/query/constraints.rb', line 3232

def build
  keys = ACLPermissions.collect_for_negation(@value)
  return { "__aggregation_pipeline" => [] } if keys.empty?

  # Find objects whose _rperm EXISTS and does NOT contain any of the
  # keys. The `$exists: true` guard is essential: Parse Server treats a
  # missing `_rperm` as publicly readable, and MongoDB's `$nin` matches
  # documents where the field is absent. Without the guard,
  # `not_readable_by("*")` (i.e. #not_publicly_readable) would MATCH the
  # public-by-absence rows it is meant to exclude — inverting the result
  # and giving a security audit a false sense of safety.
  pipeline = [
    {
      "$match" => {
        "_rperm" => { "$exists" => true, "$nin" => keys },
      },
    },
  ]

  { "__aggregation_pipeline" => pipeline }
end