解析中的属性级访问控制

Question

Data & Security guide at Parse.com描述了如何控制对类和对象级别的访问。我正在寻找一种方法来限制某个类的某些属性对所有用户的写权限。这怎么能实现？

我的想法是使用一对一关系并限制相关类的访问。然而，这并不像标准的方式...

Answer 1

最简单的方法是使用云代码。下面是你如何做到这一点：

Parse.Cloud.beforeSave("YourObject", function(request, response) 
{ 
    // Find a way to decide if writing is allowed. 
    var writingForbidden = (request.master === false); 

    if (writingForbidden) 
    { 
     var readOnlyProperties = ["property1", "property2", "property3", "..."]; 

     var dirtyProperties = request.object.dirtyKeys(); 
     for (i = 0 ; i < dirtyProperties.length ; i++) { 
      var dirtyProperty = dirtyProperties[i]; 
      if (readOnlyProperties.indexOf(dirtyProperty) > -1) { 
       return response.error("Trying to change a readonly property : " + dirtyProperty); 
      } 
     } 
    } 

    return response.success(); 
}