Hi i am trying do a very simple backend where admin can modify other users account but its not working. I understand this is happening because parse has some default security settings that does not allow this. Below is the code snippet from the update route of the web app:
//UPDATE ROUTE
router.put("/:id", function(req, res){
var Users = Parse.Object.extend("User");
var query = new Parse.Query(Users);
// find and update the correct user
query.get(req.params.id).then(function(user) {
user.set("name", req.body.name);
user.save().then(function(doctor) {
console.log("user has been updated");
res.redirect("/doctors/"+ req.params.id);
}, function(error) {
console.log(error.message);
});
}, function(error) {
console.log("user could not be retrieved!");
});
});
The Error Message is : Cannot modify user HeFxUOj7q9. HeFxUOj7q9 is the Objectid for the user which i am trying to update from another account(admin account)
I have an admin account already created on the parse server User class but I can't figure out how to update other accounts using the admin account. I am using parse server on nodeJs. I would really appreciate any help offered. Thanks in advance.
When you're initializing parse, you should include the masterKey and call useMasterKey like so:
Parse.initialize("YOUR_APP_ID", "YOUR_JAVASCRIPT_KEY", "YOUR_MASTERKEY");
Parse.serverURL = 'http://YOUR_PARSE_SERVER:1337/parse';
Parse.Cloud.useMasterKey();
However, be wary of doing this for endpoints that are publicly accessible, and never include your master key on a client-side application.