diff --git a/spec/AudienceRouter.spec.js b/spec/AudienceRouter.spec.js index 94aeaa4bf9..ac75d52c42 100644 --- a/spec/AudienceRouter.spec.js +++ b/spec/AudienceRouter.spec.js @@ -1,6 +1,7 @@ const auth = require('../lib/Auth'); const Config = require('../lib/Config'); const rest = require('../lib/rest'); +const request = require('../lib/request'); const AudiencesRouter = require('../lib/Routers/AudiencesRouter') .AudiencesRouter; @@ -438,4 +439,28 @@ describe('AudiencesRouter', () => { }); }); }); + + it('should handle _Audience invalid fields via rest', async () => { + await reconfigureServer({ + appId: 'test', + restAPIKey: 'test', + publicServerURL: 'http://localhost:8378/1', + }); + try { + await request({ + method: 'POST', + url: 'http://localhost:8378/1/classes/_Audience', + body: { lorem: 'ipsum', _method: 'POST' }, + headers: { + 'X-Parse-Application-Id': 'test', + 'X-Parse-REST-API-Key': 'test', + 'Content-Type': 'application/json', + }, + }); + expect(true).toBeFalsy(); + } catch (e) { + expect(e.data.code).toBe(107); + expect(e.data.error).toBe('Could not add field lorem'); + } + }); }); diff --git a/src/Controllers/SchemaController.js b/src/Controllers/SchemaController.js index fffc67892d..e3dfc040b9 100644 --- a/src/Controllers/SchemaController.js +++ b/src/Controllers/SchemaController.js @@ -228,9 +228,7 @@ function validateCLP(perms: ClassLevelPermissions, fields: SchemaFields) { // @flow-disable-next throw new Parse.Error( Parse.Error.INVALID_JSON, - `'${ - perms[operation] - }' is not a valid value for class level permissions ${operation}` + `'${perms[operation]}' is not a valid value for class level permissions ${operation}` ); } else { perms[operation].forEach(key => { @@ -395,6 +393,9 @@ class SchemaData { this.__data = {}; this.__protectedFields = protectedFields; allSchemas.forEach(schema => { + if (volatileClasses.includes(schema.className)) { + return; + } Object.defineProperty(this, schema.className, { get: () => { if (!this.__data[schema.className]) {