feat(ACL): add includeACL flag for Query and fetching (#470)

Author: leeyeh

src/file.js

@@ -5,7 +5,7 @@ const s3 = require('./uploader/s3');
 const AVError = require('./error');
 const AVRequest = require('./request').request;
 const Promise = require('./promise');
-const { tap } = require('./utils');
+const { tap, transformFetchOptions } = require('./utils');
 const debug = require('debug')('leancloud:file');
 const parseBase64 = require('./utils/parse-base64');
 
@@ -521,14 +521,14 @@ module.exports = function(AV) {
     /**
     * fetch the file from server. If the server's representation of the
     * model differs from its current attributes, they will be overriden,
-    * @param {AuthOptions} options AuthOptions plus 'keys' and 'include' option.
+    * @param {Object} fetchOptions Optional options to set 'keys',
+    *      'include' and 'includeACL' option.
+    * @param {AuthOptions} options
     * @return {Promise} A promise that is fulfilled when the fetch
     *     completes.
     */
-    fetch: function(options) {
-        var options = null;
-
-        var request = AVRequest('files', null, this.id, 'GET', options);
+    fetch: function(fetchOptions, options) {
+        var request = AVRequest('files', null, this.id, 'GET', transformFetchOptions(fetchOptions), options);
         return request.then(this._finishFetch.bind(this));
     },
     _finishFetch: function(response) {

src/object.js

@@ -808,23 +808,17 @@ module.exports = function(AV) {
      * Fetch the model from the server. If the server's representation of the
      * model differs from its current attributes, they will be overriden,
      * triggering a <code>"change"</code> event.
-     * @param {Object} fetchOptions Optional options to set 'keys' and
-     *      'include' option.
+     * @param {Object} fetchOptions Optional options to set 'keys',
+     *      'include' and 'includeACL' option.
      * @param {AuthOptions} options
      * @return {Promise} A promise that is fulfilled when the fetch
      *     completes.
      */
-    fetch: function(fetchOptions = {}, options) {
-      if (_.isArray(fetchOptions.keys)) {
-        fetchOptions.keys = fetchOptions.keys.join(',');
-      }
-      if (_.isArray(fetchOptions.include)) {
-        fetchOptions.include = fetchOptions.include.join(',');
-      }
+    fetch: function(fetchOptions, options) {
 
       var self = this;
       var request = AVRequest('classes', this.className, this.id, 'GET',
-                                fetchOptions, options);
+                                utils.transformFetchOptions(fetchOptions), options);
       return request.then(function(response) {
         self._finishFetch(self.parse(response), true);
         return self;

src/query.js

@@ -197,6 +197,7 @@ module.exports = function(AV) {
 
       if (queryJSON.keys) fetchOptions.keys = queryJSON.keys;
       if (queryJSON.include) fetchOptions.include = queryJSON.include;
+      if (queryJSON.includeACL) fetchOptions.includeACL = queryJSON.includeACL;
 
       return obj.fetch(fetchOptions, options);
     },
@@ -216,6 +217,9 @@ module.exports = function(AV) {
       if (this._select.length > 0) {
         params.keys = this._select.join(",");
       }
+      if (this._includeACL !== undefined) {
+        params.returnACL = this._includeACL;
+      }
       if (this._limit >= 0) {
         params.limit = this._limit;
       }
@@ -929,6 +933,16 @@ module.exports = function(AV) {
       return this;
     },
 
+    /**
+     * Include the ACL.
+     * @param {Boolean} [value=true] Whether to include the ACL
+     * @return {AV.Query} Returns the query, so you can chain this call.
+     */
+    includeACL: function(value = true) {
+      this._includeACL = value;
+      return this;
+    },
+
     /**
      * Restrict the fields of the returned AV.Objects to include only the
      * provided keys.  If this is called multiple times, then all of the keys

src/utils/index.js

@@ -13,6 +13,20 @@ const ensureArray = target => {
   return [target];
 };
 
+const transformFetchOptions = ({ keys, include, includeACL } = {}) => {
+  const fetchOptions = {};
+  if (_.isArray(keys)) {
+    fetchOptions.keys = keys.join(',');
+  }
+  if (_.isArray(include)) {
+    fetchOptions.include = include.join(',');
+  }
+  if (includeACL) {
+    fetchOptions.returnACL = includeACL;
+  }
+  return fetchOptions;
+};
+
 const getSessionToken = (authOptions) => {
   if (authOptions.sessionToken) {
     return authOptions.sessionToken;
@@ -29,6 +43,7 @@ const tap = interceptor => value => ((interceptor(value), value));
 module.exports = {
   isNullOrUndefined,
   ensureArray,
+  transformFetchOptions,
   getSessionToken,
   tap,
 };

test/acl.js

@@ -2,26 +2,42 @@
 
 var GameScore = AV.Object.extend("GameScore");
 describe("ObjectACL", function () {
-  describe("*", function () {
-    it("set * acl", function () {
-      var gameScore = new GameScore();
-      gameScore.set("score", 2);
-      gameScore.set("playerName", "sdf");
-      gameScore.set("cheatMode", false);
+  it("set and fetch acl", function () {
+    var gameScore = new GameScore();
+    gameScore.set("score", 2);
+    gameScore.set("playerName", "sdf");
+    gameScore.set("cheatMode", false);
 
-      var postACL = new AV.ACL();
-      postACL.setPublicReadAccess(true);
-      postACL.setPublicWriteAccess(true);
+    var postACL = new AV.ACL();
+    postACL.setPublicReadAccess(true);
+    postACL.setPublicWriteAccess(true);
 
-      postACL.setReadAccess("546", true);
-      postACL.setReadAccess("56238", true);
-      postACL.setWriteAccess("5a061", true);
-      postACL.setRoleWriteAccess("r6", true);
-      gameScore.setACL(postACL);
-      return gameScore.save().then(result => {
-        result.id.should.be.ok();
-        return gameScore.destroy();
+    postACL.setReadAccess("read-only", true);
+    postACL.setWriteAccess("write-only", true);
+    postACL.setRoleWriteAccess("write-only-role", true);
+    gameScore.setACL(postACL);
+    return gameScore.save().then(result => {
+      result.id.should.be.ok();
+      return AV.Object.createWithoutData('GameScore', result.id).fetch({
+        includeACL: true,
       });
-    });
+    }).then(fetchedGameScore => {
+      const acl = fetchedGameScore.getACL();
+      acl.should.be.instanceOf(AV.ACL);
+      acl.getPublicReadAccess().should.eql(true);
+      acl.getPublicWriteAccess().should.eql(true);
+      acl.getReadAccess('read-only').should.eql(true);
+      acl.getWriteAccess('read-only').should.eql(false);
+      acl.getReadAccess('write-only').should.eql(false);
+      acl.getWriteAccess('write-only').should.eql(true);
+      acl.getRoleReadAccess('write-only-role').should.eql(false);
+      acl.getRoleWriteAccess('write-only-role').should.eql(true);
+    }).then(
+      () => gameScore.destroy(),
+      error => {
+        gameScore.destroy();
+        throw error;
+      }
+    );
   });
 });

test/query.js

@@ -208,6 +208,16 @@ describe('Queries', function () {
         });
     });
 
+    it('includeACL', function () {
+      return new AV.Query(GameScore)
+        .includeACL()
+        .equalTo('objectId', this.gameScore.id)
+        .find()
+        .then(([gameScore]) => {
+          gameScore.getACL().should.be.instanceOf(AV.ACL);
+        });
+    });
+
     it('containsAll with an large array should not cause URI too long', () => {
       return new AV.Query(GameScore)
         .containsAll('arr', new Array(200).fill('contains-all-test'))