No write permission for user created with PFFacebookUtils.logInInBackgroundWithReadPermissions #2105
Description
Issue Description
When a PFUser is created on Parse Server with PFFacebookUtils.logInInBackgroundWithReadPermissions it has no write permission to existing objects with ACL (Public: Read, User: Write). It can however create new objects with that ACL.
The object's ACL is set as:
let acl = PFACL()
acl.setWriteAccess(true, forUser: currentUser)
acl.publicReadAccess = true
aObject.ACL = acl
which results in permissions:
{
"_id": "Asd1tk4FeW",
"_rperm": [
"*"
],
"_wperm": [
"xdY082YDF0"
],
"_acl": {
"*": {
"r": true
},
"xdY082YDF0": {
"w": true
}
}
}
Steps to reproduce
- Create new user with
PFFacebookUtils.logInInBackgroundWithReadPermissions - Create object with ACL: Public read, user write.
- Try updating a field of the object, e.g. with
PFObject.saveInBackgroundWithBlock.
Expected Results
Updating the object should succeed.
Actual Outcome
Updating the object fails with error, user has no write permissions:
[Error]: Object not found. (Code: 101, Version: 1.13.0)
(Error Domain=Parse Code=101 "Object not found." UserInfo={code=101, temporary=0, error=Object not found., NSLocalizedDescription=Object not found.})
The solution is to log-out and re-log-in the user, then the update and all following updates succeed.
The update also succeeded without re-login when Public: write is enabled in the object's ACL in Parse Dashboard.
This issue does not occur when creating a user with PFUser.signUpInBackgroundWithBlock.
Environment Setup
- Server
- parse-server version: 2.2.11
- Operating System: -
- Hardware: -
- Localhost or remote server?: Heroku
- Database
- MongoDB version: 3.0.9.
- Storage engine: -
- Hardware: -
- Localhost or remote server? (AWS, mLab, ObjectRocket, Digital Ocean, etc): mLab