CLP in Dashboard problem

I’m trying to get the CLP to work but for some reasons it does not. I had it to work before and I can’t find how again.

I have a profile class which contains a pointer field to a user. I set the CLP as follow :

I also hooked a beforeFind on Profile and logged the request to make sure the user does get sent, and it does.

Last part of request sent :

user: ParseUser { _objCount: 20, className: ‘_User’, id: ‘a8tThkoh3j’ },
installationId: ‘00cb69b7-d74c-49fd-8546-e824c0c49097’

However, I still get :

error: Parse error: Permission denied for action find on class profile. {“code”:119,“stack”:“Error: Permission denied for action find on class profile.\n at Function.validatePermission (C:\Users\JP\
Desktop\Projets\auction\back\node_modules\parse-server\lib\Controllers\SchemaController.js:1422:11)\n at SchemaController.validatePermission (C:\Users\JP\Desktop\Projets\auction\back\nod
e_modules\parse-server\lib\Controllers\SchemaController.js:1427:29)\n at C:\Users\JP\Desktop\Projets\auction\back\node_modules\parse-server\lib\Controllers\DatabaseController.js:1111:65
n at runMicrotasks ()\n at processTicksAndRejections (internal/process/task_queues.js:97:5)”}

Also, CLP seems to work, if I add the userID directly in the CLP , logged user can write or read the whole class. What I want is that only users in the “creator” field can read or write the row.

Here it seems that you have a wrong CLP configuration, try to allow read for authenticated users.

Then only authenticated users can request a find. In second time, the pointer will take the lead to filter records by current user on the creator pointer.

If you check the authenticated read what is the behavior ?

1 Like