How do I programmatically set pointer permissions on a CLP in Parse Server?

Question

I'd like to set pointer permissions on a CLP using either the REST API or the JS SDK so I can automate the process. Is this possible?

The documentation discusses pointer permissions, but doesn't show how to implement them AFAIK. From the linked docs:

Pointer permissions are a special type of class-level permission that create a virtual ACL on every object in a class, based on users stored in pointer fields on those objects. For example, given a class with an owner field, setting a read pointer permission on owner will make each object in the class only readable by the user in that object’s owner field.

How do I achieve the above programmatically? As in, if I have an object with an owner property that stores a User pointer, how do I set a CLP to make this object only readable by the owner?

Answer 1

I was able to figure this out by searching through the Parse Server source. This test suite demonstrates pointer permission usage.

When adding a CLP to object schema, you can set pointer permissions by including the pointer names in the readUserFields and writeUserFields properties of the CLP. Here's an example:

const exampleSchema = new Parse.Schema('Example')

exampleSchema
  .addString('content')
  .addPointer('owner', '_User')

const clp = {
  create: { '*': true },
  readUserFields: ['owner'],
  writeUserFields: ['owner']
}

exampleSchema.setCLP(clp)

await exampleSchema.save()

The above creates schema for the Example object. It allows anyone to create an Example, but only allows the user set in the owner property to read or write the object.