diff --git a/spec/ParseLiveQueryServer.spec.js b/spec/ParseLiveQueryServer.spec.js index 934cf46722..7903ff09fd 100644 --- a/spec/ParseLiveQueryServer.spec.js +++ b/spec/ParseLiveQueryServer.spec.js @@ -1006,6 +1006,59 @@ describe('ParseLiveQueryServer', function() { expect(originalObject.updatedAt).not.toBeUndefined(); }); + it('can inflate user object', async () => { + const parseLiveQueryServer = new ParseLiveQueryServer({}); + const userJSON = { + username: 'test', + ACL: {}, + createdAt: '2018-12-21T23:09:51.784Z', + sessionToken: 'r:1234', + updatedAt: '2018-12-21T23:09:51.784Z', + objectId: 'NhF2u9n72W', + __type: 'Object', + className: '_User', + _hashed_password: '1234', + _email_verify_token: '1234', + }; + + const originalUserJSON = { + username: 'test', + ACL: {}, + createdAt: '2018-12-21T23:09:51.784Z', + sessionToken: 'r:1234', + updatedAt: '2018-12-21T23:09:51.784Z', + objectId: 'NhF2u9n72W', + __type: 'Object', + className: '_User', + _hashed_password: '12345', + _email_verify_token: '12345', + }; + + const message = { + currentParseObject: userJSON, + originalParseObject: originalUserJSON, + }; + parseLiveQueryServer._inflateParseObject(message); + + const object = message.currentParseObject; + expect(object instanceof Parse.Object).toBeTruthy(); + expect(object.get('_hashed_password')).toBeUndefined(); + expect(object.get('_email_verify_token')).toBeUndefined(); + expect(object.className).toEqual('_User'); + expect(object.id).toBe('NhF2u9n72W'); + expect(object.createdAt).not.toBeUndefined(); + expect(object.updatedAt).not.toBeUndefined(); + + const originalObject = message.originalParseObject; + expect(originalObject instanceof Parse.Object).toBeTruthy(); + expect(originalObject.get('_hashed_password')).toBeUndefined(); + expect(originalObject.get('_email_verify_token')).toBeUndefined(); + expect(originalObject.className).toEqual('_User'); + expect(originalObject.id).toBe('NhF2u9n72W'); + expect(originalObject.createdAt).not.toBeUndefined(); + expect(originalObject.updatedAt).not.toBeUndefined(); + }); + it('can match undefined ACL', function(done) { const parseLiveQueryServer = new ParseLiveQueryServer({}); const client = {}; @@ -1314,7 +1367,7 @@ describe('ParseLiveQueryServer', function() { new Parse.ACL() ); liveQueryRole.id = 'abcdef1234'; - callback(liveQueryRole) + callback(liveQueryRole); return Promise.resolve(); }, }; diff --git a/src/LiveQuery/ParseLiveQueryServer.js b/src/LiveQuery/ParseLiveQueryServer.js index b175ebe36a..4f04805ae5 100644 --- a/src/LiveQuery/ParseLiveQueryServer.js +++ b/src/LiveQuery/ParseLiveQueryServer.js @@ -14,6 +14,7 @@ import { runLiveQueryEventHandlers } from '../triggers'; import { getAuthForSessionToken, Auth } from '../Auth'; import { getCacheController } from '../Controllers'; import LRU from 'lru-cache'; +import UserRouter from '../Routers/UsersRouter'; class ParseLiveQueryServer { clients: Map; @@ -98,6 +99,7 @@ class ParseLiveQueryServer { _inflateParseObject(message: any): void { // Inflate merged object const currentParseObject = message.currentParseObject; + UserRouter.removeHiddenProperties(currentParseObject); let className = currentParseObject.className; let parseObject = new Parse.Object(className); parseObject._finishFetch(currentParseObject); @@ -105,6 +107,7 @@ class ParseLiveQueryServer { // Inflate original object const originalParseObject = message.originalParseObject; if (originalParseObject) { + UserRouter.removeHiddenProperties(originalParseObject); className = originalParseObject.className; parseObject = new Parse.Object(className); parseObject._finishFetch(originalParseObject);