Adds fix for issue affecting update with CLP

Author: flovilmart

spec/schemas.spec.js

@@ -2043,6 +2043,22 @@ describe('schemas', () => {
       .catch(done.fail);
   });
 
+  it('regression test for #5177', async () => {
+    Parse.Cloud.beforeSave('AClass', () => {});
+    await setPermissionsOnClass(
+      'AClass',
+      {
+        update: { '*': true },
+      },
+      false
+    );
+    const obj = new Parse.Object('AClass');
+    await obj.save({ key: 1 }, { useMasterKey: true });
+    obj.increment('key', 10);
+    await obj.save();
+    expect(obj.get('key')).toBe(11);
+  });
+
   it('regression test for #2246', done => {
     const profile = new Parse.Object('UserProfile');
     const user = new Parse.User();

src/Controllers/DatabaseController.js

@@ -1141,7 +1141,6 @@ class DatabaseController {
       distinct,
       pipeline,
       readPreference,
-      isWrite,
     }: any = {}
   ): Promise<any> {
     const isMaster = acl === undefined;
@@ -1217,7 +1216,7 @@ class DatabaseController {
                 );
               }
               if (!query) {
-                if (op == 'get') {
+                if (op === 'get') {
                   throw new Parse.Error(
                     Parse.Error.OBJECT_NOT_FOUND,
                     'Object not found.'
@@ -1227,7 +1226,7 @@ class DatabaseController {
                 }
               }
               if (!isMaster) {
-                if (isWrite) {
+                if (op === 'update' || op === 'delete') {
                   query = addWriteACL(query, aclGroup);
                 } else {
                   query = addReadACL(query, aclGroup);

src/RestQuery.js

@@ -30,7 +30,6 @@ function RestQuery(
   this.clientSDK = clientSDK;
   this.response = null;
   this.findOptions = {};
-  this.isWrite = false;
 
   if (!this.auth.isMaster) {
     if (this.className == '_Session') {
@@ -257,12 +256,6 @@ RestQuery.prototype.buildRestWhere = function() {
     });
 };
 
-// Marks the query for a write attempt, so we read the proper ACL (write instead of read)
-RestQuery.prototype.forWrite = function() {
-  this.isWrite = true;
-  return this;
-};
-
 // Uses the Auth object to get the list of roles, adds the user id
 RestQuery.prototype.getUserAndRoleACL = function() {
   if (this.auth.isMaster) {
@@ -645,9 +638,6 @@ RestQuery.prototype.runFind = function(options = {}) {
   if (options.op) {
     findOptions.op = options.op;
   }
-  if (this.isWrite) {
-    findOptions.isWrite = true;
-  }
   return this.config.database
     .find(this.className, this.restWhere, findOptions)
     .then(results => {

src/rest.js

@@ -112,7 +112,6 @@ function del(config, auth, className, objectId) {
       const hasLiveQuery = checkLiveQuery(className, config);
       if (hasTriggers || hasLiveQuery || className == '_Session') {
         return new RestQuery(config, auth, className, { objectId })
-          .forWrite()
           .execute({ op: 'delete' })
           .then(response => {
             if (response && response.results && response.results.length) {
@@ -224,9 +223,9 @@ function update(config, auth, className, restWhere, restObject, clientSDK) {
       const hasLiveQuery = checkLiveQuery(className, config);
       if (hasTriggers || hasLiveQuery) {
         // Do not use find, as it runs the before finds
-        return new RestQuery(config, auth, className, restWhere)
-          .forWrite()
-          .execute();
+        return new RestQuery(config, auth, className, restWhere).execute({
+          op: 'update',
+        });
       }
       return Promise.resolve({});
     })