Restores jobs endpoints for creation, update and deletion

flovilmart · flovilmart · commit f23f3f158429 · 2017-06-13T23:13:27.000-04:00
diff --git a/src/Controllers/SchemaController.js b/src/Controllers/SchemaController.js
@@ -98,12 +98,12 @@ const defaultColumns = Object.freeze({
   _JobSchedule: {
     "jobName":      {type:'String'},
     "description":  {type:'String'},
-    "params":       {type:'Object'},
-    "startAfter":   {type:'Date'},
+    "params":       {type:'String'},
+    "startAfter":   {type:'String'},
     "daysOfWeek":   {type:'Array'},
     "timeOfDay":    {type:'String'},
     "lastRun":      {type:'Number'},
-    "repeatMinutes":{type:'String'}
+    "repeatMinutes":{type:'Number'}
   },
   _Hooks: {
     "functionName": {type:'String'},
diff --git a/src/Routers/CloudCodeRouter.js b/src/Routers/CloudCodeRouter.js
@@ -1,20 +1,65 @@
-import PromiseRouter from '../PromiseRouter';
-const triggers = require('../triggers');
+import PromiseRouter  from '../PromiseRouter';
+import rest           from '../rest';
+const triggers        = require('../triggers');
+const middleware      = require('../middlewares');
 
 export class CloudCodeRouter extends PromiseRouter {
   mountRoutes() {
-    this.route('GET',`/cloud_code/jobs`, CloudCodeRouter.getJobs);
+    this.route('GET', '/cloud_code/jobs', middleware.promiseEnforceMasterKeyAccess, CloudCodeRouter.getJobs);
+    this.route('GET', '/cloud_code/jobs/data', middleware.promiseEnforceMasterKeyAccess, CloudCodeRouter.getJobsData);
+    this.route('POST', '/cloud_code/jobs', middleware.promiseEnforceMasterKeyAccess, CloudCodeRouter.createJob);
+    this.route('PUT', '/cloud_code/jobs/:objectId', middleware.promiseEnforceMasterKeyAccess, CloudCodeRouter.editJob);
+    this.route('DELETE', '/cloud_code/jobs/:objectId', middleware.promiseEnforceMasterKeyAccess, CloudCodeRouter.deleteJob);
   }
 
   static getJobs(req) {
+    return rest.find(req.config, req.auth, '_JobSchedule', {}, {}).then((scheduledJobs) => {
+      return {
+        response: scheduledJobs.results
+      }
+    });
+  }
+
+  static getJobsData(req) {
     const config = req.config;
     const jobs = triggers.getJobs(config.applicationId) || {};
-    return Promise.resolve({
-      response: Object.keys(jobs).map((jobName) => {
-        return {
-          jobName,
+    return rest.find(req.config, req.auth, '_JobSchedule', {}, {}).then((scheduledJobs) => {
+      return {
+        response: {
+          in_use: scheduledJobs.results.map((job) => job.jobName),
+          jobs: Object.keys(jobs),
         }
-      })
+      };
+    });
+  }
+
+  static createJob(req) {
+    const { job_schedule } = req.body;
+    if (typeof job_schedule.startAfter === 'undefined') {
+      job_schedule.startAfter = new Date().toISOString();
+    }
+    return rest.create(req.config, req.auth, '_JobSchedule', job_schedule, req.client);
+  }
+
+  static editJob(req) {
+    const { objectId } = req.params;
+    const { job_schedule } = req.body;
+    if (typeof job_schedule.startAfter === 'undefined') {
+      job_schedule.startAfter = new Date().toISOString();
+    }
+    return rest.update(req.config, req.auth, '_JobSchedule', { objectId }, job_schedule).then((response) => {
+      return {
+        response
+      }
+    });
+  }
+
+  static deleteJob(req) {
+    const { objectId } = req.params;
+    return rest.del(req.config, req.auth, '_JobSchedule', objectId).then((response) => {
+      return {
+        response
+      }
     });
   }
 }
diff --git a/src/rest.js b/src/rest.js
@@ -134,15 +134,9 @@ function update(config, auth, className, restWhere, restObject, clientSDK) {
   });
 }
 
-const classesWithMasterOnlyAccess = ['_PushStatus', '_Hooks', '_GlobalConfig', '_JobStatus', '_JobSchedule'];
-// Disallowing access to the _Role collection except by master key
+const classesWithMasterOnlyAccess = ['_JobStatus', '_PushStatus', '_Hooks', '_GlobalConfig', '_JobSchedule'];
+  // Disallowing access to the _Role collection except by master key
 function enforceRoleSecurity(method, className, auth) {
-  if (classesWithMasterOnlyAccess.indexOf(className) > -1 && !auth.isMaster) {
-    const error = new Error();
-    error.status = 403;
-    error.message = "unauthorized: master key is required";
-    throw error;
-  }
   if (className === '_Installation' && !auth.isMaster) {
     if (method === 'delete' || method === 'find') {
       const error = `Clients aren't allowed to perform the ${method} operation on the installation collection.`
@@ -151,8 +145,7 @@ function enforceRoleSecurity(method, className, auth) {
   }
 
   //all volatileClasses are masterKey only
-  const volatileClasses = ['_JobStatus', '_PushStatus', '_Hooks', '_GlobalConfig'];
-  if(volatileClasses.includes(className) && !auth.isMaster){
+  if(classesWithMasterOnlyAccess.includes(className) && !auth.isMaster){
     const error = `Clients aren't allowed to perform the ${method} operation on the ${className} collection.`
     throw new Parse.Error(Parse.Error.OPERATION_FORBIDDEN, error);
   }
