Support direct access server option (#5550)

* Support direct access config test options * add test * fix test * fix definitions * improve docs * Update .travis.yml * Revert "Update .travis.yml" This reverts commit 407f138.
parse-community · May 10, 2019 · b4d915b · b4d915b
1 parent f15360c
commit b4d915b
Show file tree

Hide file tree

Showing 7 changed files with 34 additions and 7 deletions.
diff --git a/.eslintignore b/.eslintignore
@@ -1,3 +1,3 @@
 lib
 coverage
-
+out
diff --git a/README.md b/README.md
@@ -245,6 +245,7 @@ The client keys used with Parse are no longer necessary with Parse Server. If yo
 * `auth` - Used to configure support for [3rd party authentication](http://docs.parseplatform.org/parse-server/guide/#oauth-and-3rd-party-authentication).
 * `facebookAppIds` - An array of valid Facebook application IDs that users may authenticate with.
 * `mountPath` - Mount path for the server. Defaults to `/parse`.
+* `directAccess` - Replace HTTP Interface when using JS SDK in current node runtime. Defaults to false. Caution, this is an experimental feature that may not be appropriate for production.
 * `filesAdapter` - The default behavior (GridStore) can be changed by creating an adapter class (see [`FilesAdapter.js`](https://github.com/parse-community/parse-server/blob/master/src/Adapters/Files/FilesAdapter.js)).
 * `maxUploadSize` - Max file size for uploads. Defaults to 20 MB.
 * `loggerAdapter` - The default behavior/transport (File) can be changed by creating an adapter class (see [`LoggerAdapter.js`](https://github.com/parse-community/parse-server/blob/master/src/Adapters/Logger/LoggerAdapter.js)).

diff --git a/spec/index.spec.js b/spec/index.spec.js
@@ -498,6 +498,16 @@ describe('server', () => {
       .catch(done.fail);
   });
 
+  it('should allow direct access', async () => {
+    const RESTController = Parse.CoreManager.getRESTController();
+    const spy = spyOn(Parse.CoreManager, 'setRESTController').and.callThrough();
+    await reconfigureServer({
+      directAccess: true,
+    });
+    expect(spy).toHaveBeenCalledTimes(1);
+    Parse.CoreManager.setRESTController(RESTController);
+  });
+
   it('should load a middleware from string', done => {
     reconfigureServer({
       middleware: 'spec/support/CustomMiddleware',

diff --git a/src/Options/Definitions.js b/src/Options/Definitions.js
@@ -148,16 +148,16 @@ module.exports.ParseServerOptions = {
   userSensitiveFields: {
     env: 'PARSE_SERVER_USER_SENSITIVE_FIELDS',
     help:
-      'Personally identifiable information fields in the user table the should be removed for non-authorized users. **Deprecated** @see protectedFields',
+      'Personally identifiable information fields in the user table the should be removed for non-authorized users. Deprecated @see protectedFields',
     action: parsers.arrayParser,
     default: ['email'],
   },
   protectedFields: {
     env: 'PARSE_SERVER_PROTECTED_FIELDS',
     help:
-      'Personally identifiable information fields in the user table the should be removed for non-authorized users.',
+      'Protected fields that should be treated with extra security when fetching details.',
     action: parsers.objectParser,
-    default: { _User: { '*': ['email'] } },
+    default: [],
   },
   enableAnonymousUsers: {
     env: 'PARSE_SERVER_ENABLE_ANON_USERS',
@@ -280,6 +280,13 @@ module.exports.ParseServerOptions = {
     action: parsers.numberParser('cacheMaxSize'),
     default: 10000,
   },
+  directAccess: {
+    env: 'PARSE_SERVER_ENABLE_EXPERIMENTAL_DIRECT_ACCESS',
+    help:
+      'Replace HTTP Interface when using JS SDK in current node runtime, defaults to false. Caution, this is an experimental feature that may not be appropriate for production.',
+    action: parsers.booleanParser,
+    default: false,
+  },
   enableSingleSchemaCache: {
     env: 'PARSE_SERVER_ENABLE_SINGLE_SCHEMA_CACHE',
     help:

diff --git a/src/Options/docs.js b/src/Options/docs.js
@@ -28,7 +28,8 @@
  * @property {String} webhookKey Key sent with outgoing webhook calls
  * @property {String} fileKey Key for your files
  * @property {Boolean} preserveFileName Enable (or disable) the addition of a unique hash to the file names
- * @property {String[]} userSensitiveFields Personally identifiable information fields in the user table the should be removed for non-authorized users.
+ * @property {String[]} userSensitiveFields Personally identifiable information fields in the user table the should be removed for non-authorized users. Deprecated @see protectedFields
+ * @property {Any} protectedFields Protected fields that should be treated with extra security when fetching details.
  * @property {Boolean} enableAnonymousUsers Enable (or disable) anon users, defaults to true
  * @property {Boolean} allowClientClassCreation Enable (or disable) client class creation, defaults to true
  * @property {Any} auth Configuration for your authentication providers, as stringified JSON. See http://docs.parseplatform.org/parse-server/guide/#oauth-and-3rd-party-authentication
@@ -50,6 +51,7 @@
  * @property {Number} schemaCacheTTL The TTL for caching the schema for optimizing read/write operations. You should put a long TTL when your DB is in production. default to 5000; set 0 to disable.
  * @property {Number} cacheTTL Sets the TTL for the in memory cache (in ms), defaults to 5000 (5 seconds)
  * @property {Number} cacheMaxSize Sets the maximum size for the in memory cache, defaults to 10000
+ * @property {Boolean} directAccess Replace HTTP Interface when using JS SDK in current node runtime, defaults to false. Caution, this is an experimental feature that may not be appropriate for production.
  * @property {Boolean} enableSingleSchemaCache Use a single schema cache shared across requests. Reduces number of queries made to _SCHEMA, defaults to false, i.e. unique schema cache per request.
  * @property {Boolean} enableExpressErrorHandler Enables the default express error handler for all errors
  * @property {Number} objectIdSize Sets the number of characters in generated object id's, default 10

diff --git a/src/Options/index.js b/src/Options/index.js
@@ -145,6 +145,10 @@ export interface ParseServerOptions {
   /* Sets the maximum size for the in memory cache, defaults to 10000
   :DEFAULT: 10000 */
   cacheMaxSize: ?number;
+  /* Replace HTTP Interface when using JS SDK in current node runtime, defaults to false. Caution, this is an experimental feature that may not be appropriate for production.
+  :ENV: PARSE_SERVER_ENABLE_EXPERIMENTAL_DIRECT_ACCESS
+  :DEFAULT: false */
+  directAccess: ?boolean;
   /* Use a single schema cache shared across requests. Reduces number of queries made to _SCHEMA, defaults to false, i.e. unique schema cache per request.
   :DEFAULT: false */
   enableSingleSchemaCache: ?boolean;

diff --git a/src/ParseServer.js b/src/ParseServer.js
@@ -136,7 +136,7 @@ class ParseServer {
    * @static
    * Create an express app for the parse server
    * @param {Object} options let you specify the maxUploadSize when creating the express app  */
-  static app({ maxUploadSize = '20mb', appId }) {
+  static app({ maxUploadSize = '20mb', appId, directAccess }) {
     // This app serves the Parse API directly.
     // It's the equivalent of https://api.parse.com/1 in the hosted Parse API.
     var api = express();
@@ -193,7 +193,10 @@ class ParseServer {
         ParseServer.verifyServerUrl();
       });
     }
-    if (process.env.PARSE_SERVER_ENABLE_EXPERIMENTAL_DIRECT_ACCESS === '1') {
+    if (
+      process.env.PARSE_SERVER_ENABLE_EXPERIMENTAL_DIRECT_ACCESS === '1' ||
+      directAccess
+    ) {
       Parse.CoreManager.setRESTController(
         ParseServerRESTController(appId, appRouter)
       );