From c0bd5d203645bb9a200b359fd9df7b93859e9ded Mon Sep 17 00:00:00 2001 From: Florent Vilmart Date: Mon, 15 Feb 2016 22:44:41 -0500 Subject: [PATCH] adds ability to disable anonymous users --- README.md | 2 +- spec/RestCreate.spec.js | 19 +++++++++++++++++++ src/Config.js | 1 + src/RestWrite.js | 4 ++-- src/index.js | 3 ++- 5 files changed, 25 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 92b7668fec..10b44d5413 100644 --- a/README.md +++ b/README.md @@ -41,7 +41,7 @@ The client keys used with Parse are no longer necessary with parse-server. If y * filesAdapter - The default behavior (GridStore) can be changed by creating an adapter class (see [`FilesAdapter.js`](https://github.com/ParsePlatform/parse-server/blob/master/src/Adapters/Files/FilesAdapter.js)) * databaseAdapter (unfinished) - The backing store can be changed by creating an adapter class (see `DatabaseAdapter.js`) * loggerAdapter - The default behavior/transport (File) can be changed by creating an adapter class (see [`LoggerAdapter.js`](https://github.com/ParsePlatform/parse-server/blob/master/src/Adapters/Logger/LoggerAdapter.js)) - +* enableAnonymousUsers - Defaults to true. Set to false to disable anonymous users. --- ### Usage diff --git a/spec/RestCreate.spec.js b/spec/RestCreate.spec.js index b769a3b576..f4055974d5 100644 --- a/spec/RestCreate.spec.js +++ b/spec/RestCreate.spec.js @@ -100,6 +100,25 @@ describe('rest create', () => { done(); }); }); + + it('handles no anonymous users config', (done) => { + var NoAnnonConfig = Object.assign({}, config, {enableAnonymousUsers: false}); + var data1 = { + authData: { + anonymous: { + id: '00000000-0000-0000-0000-000000000001' + } + } + }; + rest.create(NoAnnonConfig, auth.nobody(NoAnnonConfig), '_User', data1).then(() => { + fail("Should throw an error"); + done(); + }, (err) => { + expect(err.code).toEqual(Parse.Error.UNSUPPORTED_SERVICE); + expect(err.message).toEqual('This authentication method is unsupported.'); + done(); + }) + }); it('test facebook signup and login', (done) => { var data = { diff --git a/src/Config.js b/src/Config.js index 06d7af9497..cb047b679c 100644 --- a/src/Config.js +++ b/src/Config.js @@ -20,6 +20,7 @@ function Config(applicationId, mount) { this.restAPIKey = cacheInfo.restAPIKey; this.fileKey = cacheInfo.fileKey; this.facebookAppIds = cacheInfo.facebookAppIds; + this.enableAnonymousUsers = cacheInfo.enableAnonymousUsers; this.database = DatabaseAdapter.getDatabaseConnection(applicationId); this.filesController = cacheInfo.filesController; diff --git a/src/RestWrite.js b/src/RestWrite.js index 2a2b0ed2ac..2b90fe3c0f 100644 --- a/src/RestWrite.js +++ b/src/RestWrite.js @@ -150,8 +150,8 @@ RestWrite.prototype.validateAuthData = function() { var facebookData = this.data.authData.facebook; var anonData = this.data.authData.anonymous; - if (anonData === null || - (anonData && anonData.id)) { + if (this.config.enableAnonymousUsers === true && (anonData === null || + (anonData && anonData.id))) { return this.handleAnonymousAuthData(); } else if (facebookData === null || (facebookData && facebookData.id && facebookData.access_token)) { diff --git a/src/index.js b/src/index.js index fef09075d9..a5355f6caf 100644 --- a/src/index.js +++ b/src/index.js @@ -104,7 +104,8 @@ function ParseServer(args) { restAPIKey: args.restAPIKey || '', fileKey: args.fileKey || 'invalid-file-key', facebookAppIds: args.facebookAppIds || [], - filesController: filesController + filesController: filesController, + enableAnonymousUsers: args.enableAnonymousUsers || true }; // To maintain compatibility. TODO: Remove in v2.1