MCPcopy
hub / github.com/parse-community/parse-server / updateCLP

Function updateCLP

spec/vulnerabilities.spec.js:2550–2564  ·  view source on GitHub ↗
(permissions)

Source from the content-addressed store, hash-verified

2548
2549 describe('(GHSA-4m9m-p9j9-5hjw) User enumeration via signup endpoint', () => {
2550 async function updateCLP(permissions) {
2551 const response = await fetch(Parse.serverURL + '/schemas/_User', {
2552 method: 'PUT',
2553 headers: {
2554 'X-Parse-Application-Id': Parse.applicationId,
2555 'X-Parse-Master-Key': Parse.masterKey,
2556 'Content-Type': 'application/json',
2557 },
2558 body: JSON.stringify({ classLevelPermissions: permissions }),
2559 });
2560 const body = await response.json();
2561 if (body.error) {
2562 throw body;
2563 }
2564 }
2565
2566 it('does not reveal existing username when public create CLP is disabled', async () => {
2567 const user = new Parse.User();

Calls 1

fetchFunction · 0.70

Tested by

no test coverage detected