Open ivan-liljeqvist opened 2 years ago
the UI says
Do you mean the UI in Parse Dashboard?
Yea exactly I realize now it’s not the correct repo for this issue - I can move it to the dashboard repo?
Are you referring to the dialog below? If yes, what are the changes you propose?
It doesn't say "all fields", so the information is at least not incorrect. But as I understand from your issue, it doesn't mention that _Session
is a special class that has some access limitations built-into Parse Server. Since these limitations can change anytime on the server side, I don't think a specific message should be built into Parse Dashboard. The message would become incorrect, when using a different version of Parse Sever or just a different server configuration.
No I am referring to the ACL column. It says "Public Read and Write" for all rows.
Each user can only get Sessions belonging to them.
Therefore the UI should say userId
for each row and not Public Read and Write
I understand that _Session
is a special class, but our developers ask us to explain why ACL is set to public RW (they are worried all their user sessions are public) and we have to explain to them that it's a special class etcetc
It's confusing don't you agree?
Therefore the UI should say userId for each row and not Public Read and Write
Yes, I guess that makes sense. Do you want to open a PR to fix this?
You could start by investigating in Parse Dashboard why it is displayed as "Public Read + Write", i.e. what the server response is and how that is interpreted by Parse Dashboard to display the "Public Read + Write". This may indeed be a Parse Server issue, because I assume the server should already send the correct ACL, which maybe should be the user ID, as you suggest.
Yes we will check!
New Issue Checklist
Issue Description
ACL for the Session class says
Public Read and Write
for all rows which is confusing for developers.Parse docs explain that ACL should be set to a role or a user id in order to be protected.
Session Class seems to be protected under the hood but the UI says
Public Read and Write
in the ACL column which we should fix.Steps to reproduce
Spin up a server and login a user.
Actual Outcome
All rows in Session class has ACL set to "Public Read and Write"
Expected Outcome
Environment
All rows in Session class should have ACL set to userID
Server
Database
Client
Logs