parse-community
feat: Add file beforeFind triggers, file ACL, file cleanup, file references
New Pull Request Checklist
- [x] I am not disclosing a vulnerability.
- [x] I am creating this PR in reference to an issue.
Issue Description
This PR overhauls the File functionality of Parse Server by:
Creating _FileObject class:
This class allows created files to be referenced. Allows files to be created with ACLs, allows file deletion to be controlled by ACLs (currently any user can delete a file if they have the URL)
Creating _FileSession class:
This class creates "presigned urls" for Parse Files. Creates a token that is amended to the File URL. This token is then used in the beforeFind trigger to determine authentication. Will need to work in with directAccess.
Creating _FileReference class:
This class tracks file references per objectId and class, allowing the server to determine whether a file is an orphan.
Introduces ParseServer.cleanupFiles
Developers will need to manually create _FileObject's and _FileReference's for existing deployments. _FileReferences continues to update when objects are accessed.
Closes: #1023 Closes: #8241
Approach
TODOs before merging
- [x] Add tests
I will reformat the title to use the proper commit message syntax.
![parse-github-assistant[bot] avatar](https://avatars.githubusercontent.com/in/136195?v=4 "Published by a pub.dev verified publisher"){kind=small}
Thanks for opening this pull request!
- 🎉 We are excited about your hands-on contribution!
There is still a bit to do in this PR - just looking for general feedback about the approach @parse-community/server-review
