New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

support file DELETEs #354

Merged
merged 1 commit into from Feb 12, 2016

Conversation

Projects
None yet
4 participants
@westhom
Contributor

westhom commented Feb 11, 2016

e.g.

curl -X DELETE \
        -H "X-Parse-Application-Id: <app_id>" \
        -H "X-Parse-Master-Key: <master_key>" \
        http://localhost:1337/files/2e85ede1e439506909e1a388710fc2b8_hey.jpg

Returns empty 200 on success, but probably wants to return useful JSON instead? Fixes #340

@nlutsenko

This comment has been minimized.

Show comment
Hide comment
@nlutsenko

nlutsenko Feb 11, 2016

Contributor

This is pretty exciting! Good job on implementing this!
Except of that nit, few thoughts and requests:

  • Can we have at least a single e2e test? Look at some of the basic tests in ParseFile.spec.js, we probably would want something REST-api based and e2e full (create/read/delete/read).
  • We need to enforce master-key security on this, since anyone with an appid/any-key will be able to delete files, which is pretty bad.
Contributor

nlutsenko commented Feb 11, 2016

This is pretty exciting! Good job on implementing this!
Except of that nit, few thoughts and requests:

  • Can we have at least a single e2e test? Look at some of the basic tests in ParseFile.spec.js, we probably would want something REST-api based and e2e full (create/read/delete/read).
  • We need to enforce master-key security on this, since anyone with an appid/any-key will be able to delete files, which is pretty bad.
@westhom

This comment has been minimized.

Show comment
Hide comment
@westhom

westhom Feb 11, 2016

Contributor

@nlutsenko Thanks for reviewing. I'll add in an e2e test to the PR. Regarding master-key security, I have a check in the deletionHandler for req.auth.isMaster, which seems to be working-- I can't delete images if I don't have X-Parse-Master-Key set correctly. Better way of doing this?

In any event, I'll also add a test for unauthenticated deletion attempt.

Contributor

westhom commented Feb 11, 2016

@nlutsenko Thanks for reviewing. I'll add in an e2e test to the PR. Regarding master-key security, I have a check in the deletionHandler for req.auth.isMaster, which seems to be working-- I can't delete images if I don't have X-Parse-Master-Key set correctly. Better way of doing this?

In any event, I'll also add a test for unauthenticated deletion attempt.

@nlutsenko

This comment has been minimized.

Show comment
Hide comment
@nlutsenko

nlutsenko Feb 11, 2016

Contributor

Sorry, totally missed it, you are absolutely correct.

Contributor

nlutsenko commented Feb 11, 2016

Sorry, totally missed it, you are absolutely correct.

@facebook-github-bot

This comment has been minimized.

Show comment
Hide comment
@facebook-github-bot

facebook-github-bot Feb 11, 2016

@westhom updated the pull request.

facebook-github-bot commented Feb 11, 2016

@westhom updated the pull request.

@facebook-github-bot

This comment has been minimized.

Show comment
Hide comment
@facebook-github-bot

facebook-github-bot Feb 11, 2016

@westhom updated the pull request.

facebook-github-bot commented Feb 11, 2016

@westhom updated the pull request.

@facebook-github-bot

This comment has been minimized.

Show comment
Hide comment
@facebook-github-bot

facebook-github-bot Feb 12, 2016

@westhom updated the pull request.

facebook-github-bot commented Feb 12, 2016

@westhom updated the pull request.

@westhom

This comment has been minimized.

Show comment
Hide comment
@westhom

westhom Feb 12, 2016

Contributor

Added to ParseFile spec:

  • REST file end-to-end coverage for create, read, delete, read
  • verify you cannot delete file with incorrect or missing X-Parse-Master-Key
Contributor

westhom commented Feb 12, 2016

Added to ParseFile spec:

  • REST file end-to-end coverage for create, read, delete, read
  • verify you cannot delete file with incorrect or missing X-Parse-Master-Key
@facebook-github-bot

This comment has been minimized.

Show comment
Hide comment
@facebook-github-bot

facebook-github-bot Feb 12, 2016

@westhom updated the pull request.

facebook-github-bot commented Feb 12, 2016

@westhom updated the pull request.

@nlutsenko

This comment has been minimized.

Show comment
Hide comment
@nlutsenko

nlutsenko Feb 12, 2016

Contributor

Looks great! So glad we have this now!

Contributor

nlutsenko commented Feb 12, 2016

Looks great! So glad we have this now!

nlutsenko added a commit that referenced this pull request Feb 12, 2016

@nlutsenko nlutsenko merged commit e6ef0ae into parse-community:master Feb 12, 2016

2 checks passed

codecov/project 86.08% (target 80.00%)
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@nlutsenko nlutsenko referenced this pull request Feb 12, 2016

Closed

GridStore - File Delete? #143

@ishaan1995

This comment has been minimized.

Show comment
Hide comment
@ishaan1995

ishaan1995 Feb 12, 2016

Closed issue--> #340
The file delete is still not working, i have update the parse-server code today, that has the commit for file delete, but still the same error occurs as mentioned above.
It seems as the master key is doing nothing because even if i do not enter the master key, i get that same error--> cannot delete /parse/....

ishaan1995 commented Feb 12, 2016

Closed issue--> #340
The file delete is still not working, i have update the parse-server code today, that has the commit for file delete, but still the same error occurs as mentioned above.
It seems as the master key is doing nothing because even if i do not enter the master key, i get that same error--> cannot delete /parse/....

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment