User ACL + Role not working

reptilehaus · August 5, 2022, 2:09pm

I have an object which has:

_wperm: “role:admin”
_rperm: “role:admin”

_acl: role:admin
w: true
r: true

and a user who has been added to the admin group. I am then trying to query a collection like so:
await new Parse.Query(Organizations).find()

and there is no results, is there any reason why this might happen ? the user should have full access to 1 object in this collection. I have set the CLP to be public, I also tried setting CLP to admin but nothing works

reptilehaus · August 5, 2022, 2:38pm

I saw this on stackoverflow, is it true that you must pass the session token into find in order to have ACL queries work (read here: Parse Server ignores ACL - Stack Overflow)

result = await query.find({sessionToken : user.getSessionToken()});
instead of
result = await query.find();

davimacedo · August 5, 2022, 2:52pm

Where are you running the query? If you are running from cloud code, yes. You need to pass session token.