I’m trying to save a parseObject in cloud code. I have to use session token and master key together.
.save(null,{sessionToken: user.getSessionToken(),useMasterKey:true});
But session token doesn’t work. How to pass session token?
Edit: If I use only session token like this:
.save(null,{sessionToken: user.getSessionToken()});
It works, but passing both session token and master key will not work. Master key is working but seems like sessionToken value is ignored.
Tom
April 15, 2020, 3:42pm
2
It looks like this could be related to an existing issue…
opened 03:16PM - 15 Mar 20 UTC
closed 10:10AM - 07 Jun 20 UTC
**Is your feature request related to a problem? Please describe.**
Given the … following code:
```
var object = new Object();
object.set('someField', true);
const result = await object.save(null, { sessionToken: user.get('sessionToken'), useMasterKey : true}).catch(e => e);
```
and the following beforeSave hook:
```
Parse.Cloud.beforeSave('Object', async (request) =>
{
const user = request.user;
const isMaster = request.master;
const object = request.object;
console.log('Ask/BeforeSave')
debug(user) // undefined
debug(isMaster) // true
})
```
Saving the object triggers the beforeSave hook, but the `request.user` is undefined when using `useMasterKey`. **The problem occurs when `Object` creation is not allowed by the client**, thus I can only create `Object` with the masterKey. As a result, I don't have access anymore to `request.user` in beforeSave and afterSave and thus I don't know for which user this object was saved. I need this information (ie user id) to execute other side effects.
**Describe the solution you'd like**
Given that both `useMasterKey` and `sessionToken` are set, request.user should always include the user on which behalf this request was executed.
**Describe alternatives you've considered**
I haven't found any other solution, besides ticket #6459 .
**Additional context**
using "parse-server": "^3.9.0",
I will need this feature for an upcoming application, so unless there is a workaround, i'll be open to write a solution if you can give me some pointers.
It doesn’t make sense to save an object passing session token and master key at the same time. You need to choose if you either you want to save the object as an user (by passing the session token) or the master (by passing the master key).
yes. I have that issue. I write a simple use case. to that issue. With my example code, Issue is reproducable
Hi Davi. I wrote a simple use case to the issue. See my codes. Even I use master key, I still need user id in my beforeSave trigger
opened 03:16PM - 15 Mar 20 UTC
closed 10:10AM - 07 Jun 20 UTC
**Is your feature request related to a problem? Please describe.**
Given the … following code:
```
var object = new Object();
object.set('someField', true);
const result = await object.save(null, { sessionToken: user.get('sessionToken'), useMasterKey : true}).catch(e => e);
```
and the following beforeSave hook:
```
Parse.Cloud.beforeSave('Object', async (request) =>
{
const user = request.user;
const isMaster = request.master;
const object = request.object;
console.log('Ask/BeforeSave')
debug(user) // undefined
debug(isMaster) // true
})
```
Saving the object triggers the beforeSave hook, but the `request.user` is undefined when using `useMasterKey`. **The problem occurs when `Object` creation is not allowed by the client**, thus I can only create `Object` with the masterKey. As a result, I don't have access anymore to `request.user` in beforeSave and afterSave and thus I don't know for which user this object was saved. I need this information (ie user id) to execute other side effects.
**Describe the solution you'd like**
Given that both `useMasterKey` and `sessionToken` are set, request.user should always include the user on which behalf this request was executed.
**Describe alternatives you've considered**
I haven't found any other solution, besides ticket #6459 .
**Additional context**
using "parse-server": "^3.9.0",
I will need this feature for an upcoming application, so unless there is a workaround, i'll be open to write a solution if you can give me some pointers.
Again it does not make sense. You need to choose if you want to do the operation as an user or as the master. What do you want to achieve by sending both session token and master key?
Tom
April 15, 2020, 4:18pm
7
I’ll close this so we can keep discussion in one place: 6512 .