Parse Cloud 中的主密钥是什么? [英] What does the Master Key in Parse Cloud?

问题描述

谁能简单解释一下 Parse Cloud Code 中的 master key 是什么?

Could somebody explain me in brief that what does the master key within Parse Cloud Code?

最近实现的 CC 功能(使用主密钥)是否有可能改变其他非 Cloud Code 功能的行为?

Is it possible that a recently implemented CC function (which uses the master key) can change the behavior of other non Cloud Code functions?

例如，您有一个正常工作的解决方案，它允许当前用户将其他 PFUser 对象添加到关系中，并在需要时删除它们.到目前为止，您不需要主密钥，因为您使用当前用户编写了PFUser currentUser.稍后您创建另一种类型的用户关系，您想在其中编写另一个 PFUser 对象，现在这一次您需要使用 master key，因为没有这个 currentUser 将无法编写另一个 PFUser 对象.因此，您创建了一个 Cloud Code 文件来处理此问题，并赋予实际 currentUser 合法性以写入其他用户.现在一切正常，当实际用户想要写入其他用户对象时，我们不会收到错误消息.然而事情发生了.当 currentUser 试图从他的第一个 PFRelation(这也在新的 cc 函数之前工作)中删除数据时，他得到同样的错误 ..user must be authentication via我们在第一次尝试编写其他用户之前获得的登录或注册.

As an instance, you have a properly working solution which lets to the current user to add other PFUser objects into a relation and delete them if needed. Until this point you don't need the master key because you writing the PFUser currentUser with the current user. Later you create another type of user relation where you want to write another PFUser object, now this time you need to use master key, because without this the currentUser won't be able to write another PFUser objects. Therefore you create a Cloud Code file to handle this issue and give legitimacy to the actual currentUser for writing other users. Now everything is working fine, we don't get an error when the actual user wants to write other user objects. However something happened. When currentUser tries to delete data from his first PFRelation (that was also worked before the new cc function) he gets the same error ..user must be authenticated via logIn or signUp that we got before we first tried to write an other user.

我猜因为我们使用主密钥，它将覆盖现有/原始安全选项我们需要为所有其他功能实现它.我对吗?如果是，我该如何处理?或者是否可以只在 main.js cc 文件中设置不同的限制，并且每个旧"功能都会以相同的方式工作，加上使用主密钥的新功能?

I guess since we using the master key it will override the existing/original security options and we need to implement it for every other function. Am i right? If yes, how should i deal with this? Or is it possible to just set different restrictions inside the main.js cc file, and every "old" function will work in the same way plus the new one which using master key?

我非常感谢有关该主题的任何信息，因为这对我来说是一个巨大的黑洞.

I would really appreciate any information about the topic, because it's a huge black hole for me.

推荐答案

主密钥会覆盖所有安全性，例如 ACL 或基于类的权限.它就像root"密码.

The master key overrides all security, such as ACL or Class-based permissions. It is like the "root" password.

您应该只在需要时调用它，因为使用 Parse.Cloud.useMasterKey(); 启用后当前请求的所有方法都将使用主密钥.

You should invoke it only when needed, because all methods for the current request after it is enabled with Parse.Cloud.useMasterKey(); will use the master key.

您可以通过将选项传递给各个查询/保存/等方法来有选择地使用它.

You can selectively use it by passing options to the individual query/save/etc methods.

query.find({ useMasterKey: true }).then(function(results) { // ...

object.save(null, { useMasterKey: true }).then( // ...

这篇关于Parse Cloud 中的主密钥是什么?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！