From 42a42cb5a0763a57288e5bb0cca192ee87847c13 Mon Sep 17 00:00:00 2001
From: Diamond Lewis <findlewis@gmail.com>
Date: Tue, 15 Oct 2019 16:44:32 -0500
Subject: [PATCH 1/3] Set Class Level Permission via Parse.Schema

Closes: https://github.com/parse-community/Parse-SDK-JS/issues/583
---
 integration/test/ParseSchemaTest.js | 63 +++++++++++++++++++++++++++++
 src/ParseSchema.js                  | 19 +++++++++
 src/__tests__/ParseSchema-test.js   | 22 ++++++++++
 3 files changed, 104 insertions(+)

diff --git a/integration/test/ParseSchemaTest.js b/integration/test/ParseSchemaTest.js
index 076e0bf7c..65dadc5b4 100644
--- a/integration/test/ParseSchemaTest.js
+++ b/integration/test/ParseSchemaTest.js
@@ -2,6 +2,28 @@ const assert = require('assert');
 const clear = require('./clear');
 const Parse = require('../../node');
 
+const emptyCLPS = {
+  find: {},
+  count: {},
+  get: {},
+  create: {},
+  update: {},
+  delete: {},
+  addField: {},
+  protectedFields: {},
+};
+
+const defaultCLPS = {
+  find: { '*': true },
+  count: { '*': true },
+  get: { '*': true },
+  create: { '*': true },
+  update: { '*': true },
+  delete: { '*': true },
+  addField: { '*': true },
+  protectedFields: { '*': [] },
+};
+
 describe('Schema', () => {
   beforeAll(() => {
     Parse.initialize('integration');
@@ -82,6 +104,47 @@ describe('Schema', () => {
     });
   });
 
+  it('save class level permissions', async () => {
+    const clp = {
+      get: { requiresAuthentication: true },
+      find: {},
+      count: {},
+      create: { '*': true },
+      update: { requiresAuthentication: true },
+      delete: {},
+      addField: {},
+      protectedFields: {}
+    };
+    const testSchema = new Parse.Schema('SchemaTest');
+    testSchema.setCLP(clp);
+    const schema = await testSchema.save();
+    assert.deepEqual(schema.classLevelPermissions, clp);
+  });
+
+  it('update class level permissions', async () => {
+    const clp = {
+      get: { requiresAuthentication: true },
+      find: {},
+      count: {},
+      create: { '*': true },
+      update: { requiresAuthentication: true },
+      delete: {},
+      addField: {},
+      protectedFields: {}
+    };
+    const testSchema = new Parse.Schema('SchemaTest');
+    let schema = await testSchema.save();
+    assert.deepEqual(schema.classLevelPermissions, defaultCLPS);
+
+    testSchema.setCLP(clp);
+    schema = await testSchema.update();
+    assert.deepEqual(schema.classLevelPermissions, clp);
+
+    testSchema.setCLP({});
+    schema = await testSchema.update();
+    assert.deepEqual(schema.classLevelPermissions, emptyCLPS);
+  });
+
   it('update', (done) => {
     const testSchema = new Parse.Schema('SchemaTest');
     testSchema.addString('name');
diff --git a/src/ParseSchema.js b/src/ParseSchema.js
index 9272972ee..8fcfebade 100644
--- a/src/ParseSchema.js
+++ b/src/ParseSchema.js
@@ -30,6 +30,7 @@ class ParseSchema {
   className: string;
   _fields: { [key: string]: mixed };
   _indexes: { [key: string]: mixed };
+  _clp: { [key: string]: mixed };
 
   /**
    * @param {String} className Parse Class string.
@@ -97,6 +98,7 @@ class ParseSchema {
       className: this.className,
       fields: this._fields,
       indexes: this._indexes,
+      classLevelPermissions: this._clp,
     };
 
     return controller.create(this.className, params);
@@ -116,10 +118,12 @@ class ParseSchema {
       className: this.className,
       fields: this._fields,
       indexes: this._indexes,
+      classLevelPermissions: this._clp,
     };
 
     this._fields = {};
     this._indexes = {};
+    this._clp = null;
 
     return controller.update(this.className, params);
   }
@@ -161,6 +165,21 @@ class ParseSchema {
     }
   }
 
+  /**
+   * Sets Class Level Permissions when creating / updating a Schema.
+   * EXERCISE CAUTION, running this may override CLP for this schema and cannot be reversed
+   *
+   * @param {Object} clp Class Level Permissions
+   * @return {Parse.Schema} Returns the schema, so you can chain this call.
+   */
+  setCLP(clp: { [key: string]: mixed }) {
+    if (!clp) {
+      return;
+    }
+    this._clp = clp;
+    return this;
+  }
+
   /**
    * Adding a Field to Create / Update a Schema
    *
diff --git a/src/__tests__/ParseSchema-test.js b/src/__tests__/ParseSchema-test.js
index 1da8c216b..8f553b5f3 100644
--- a/src/__tests__/ParseSchema-test.js
+++ b/src/__tests__/ParseSchema-test.js
@@ -77,6 +77,28 @@ describe('ParseSchema', () => {
     done();
   });
 
+  it('can set schema class level permissions', (done) => {
+    const schema = new ParseSchema('SchemaTest');
+    expect(schema._clp).toBeUndefined();
+    schema.setCLP(undefined);
+    expect(schema._clp).toBeUndefined();
+    schema.setCLP({});
+    expect(schema._clp).toEqual({});
+    const clp = {
+      get: { requiresAuthentication: true },
+      find: {},
+      count: {},
+      create: { '*': true },
+      update: { requiresAuthentication: true },
+      delete: {},
+      addField: {},
+      protectedFields: {}
+    };
+    schema.setCLP(clp);
+    expect(schema._clp).toEqual(clp);
+    done();
+  });
+
   it('cannot add field with null name', (done) => {
     try {
       const schema = new ParseSchema('SchemaTest');

From 1c960131ddd21a09c4775505be9a6093ea2bb18e Mon Sep 17 00:00:00 2001
From: Diamond Lewis <findlewis@gmail.com>
Date: Tue, 15 Oct 2019 17:01:09 -0500
Subject: [PATCH 2/3] Add test cases for invalid clp

---
 integration/test/ParseSchemaTest.js | 4 ++++
 src/ParseSchema.js                  | 3 ---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/integration/test/ParseSchemaTest.js b/integration/test/ParseSchemaTest.js
index 65dadc5b4..c491fb6b8 100644
--- a/integration/test/ParseSchemaTest.js
+++ b/integration/test/ParseSchemaTest.js
@@ -136,6 +136,10 @@ describe('Schema', () => {
     let schema = await testSchema.save();
     assert.deepEqual(schema.classLevelPermissions, defaultCLPS);
 
+    testSchema.setCLP(1234);
+    schema = await testSchema.update();
+    assert.deepEqual(schema.classLevelPermissions, emptyCLPS);
+
     testSchema.setCLP(clp);
     schema = await testSchema.update();
     assert.deepEqual(schema.classLevelPermissions, clp);
diff --git a/src/ParseSchema.js b/src/ParseSchema.js
index 8fcfebade..c1aebfa2d 100644
--- a/src/ParseSchema.js
+++ b/src/ParseSchema.js
@@ -173,9 +173,6 @@ class ParseSchema {
    * @return {Parse.Schema} Returns the schema, so you can chain this call.
    */
   setCLP(clp: { [key: string]: mixed }) {
-    if (!clp) {
-      return;
-    }
     this._clp = clp;
     return this;
   }

From e70e726f3c3ab9779564249754ba3f3e30ad33c1 Mon Sep 17 00:00:00 2001
From: Diamond Lewis <findlewis@gmail.com>
Date: Tue, 15 Oct 2019 17:25:42 -0500
Subject: [PATCH 3/3] more tests

---
 integration/test/ParseSchemaTest.js | 23 +++++++++++++++++++++++
 src/ParseSchema.js                  |  1 -
 2 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/integration/test/ParseSchemaTest.js b/integration/test/ParseSchemaTest.js
index c491fb6b8..382aa3832 100644
--- a/integration/test/ParseSchemaTest.js
+++ b/integration/test/ParseSchemaTest.js
@@ -149,6 +149,29 @@ describe('Schema', () => {
     assert.deepEqual(schema.classLevelPermissions, emptyCLPS);
   });
 
+  it('update class level permissions multiple', async () => {
+    const clp = {
+      get: { requiresAuthentication: true },
+      find: {},
+      count: {},
+      create: { '*': true },
+      update: { requiresAuthentication: true },
+      delete: {},
+      addField: {},
+      protectedFields: {}
+    };
+    const testSchema = new Parse.Schema('SchemaTest');
+    testSchema.setCLP(clp);
+    let schema = await testSchema.save();
+    assert.deepEqual(schema.classLevelPermissions, clp);
+
+    schema = await testSchema.update();
+    assert.deepEqual(schema.classLevelPermissions, clp);
+
+    schema = await testSchema.update();
+    assert.deepEqual(schema.classLevelPermissions, clp);
+  });
+
   it('update', (done) => {
     const testSchema = new Parse.Schema('SchemaTest');
     testSchema.addString('name');
diff --git a/src/ParseSchema.js b/src/ParseSchema.js
index c1aebfa2d..f1155e666 100644
--- a/src/ParseSchema.js
+++ b/src/ParseSchema.js
@@ -123,7 +123,6 @@ class ParseSchema {
 
     this._fields = {};
     this._indexes = {};
-    this._clp = null;
 
     return controller.update(this.className, params);
   }