| 214 | }; |
| 215 | |
| 216 | var getAuthForLegacySessionToken = async function ({ config, sessionToken, installationId }) { |
| 217 | var restOptions = { |
| 218 | limit: 1, |
| 219 | }; |
| 220 | const RestQuery = require('./RestQuery'); |
| 221 | var query = await RestQuery({ |
| 222 | method: RestQuery.Method.get, |
| 223 | config, |
| 224 | runBeforeFind: false, |
| 225 | auth: master(config), |
| 226 | className: '_User', |
| 227 | restWhere: { _session_token: sessionToken }, |
| 228 | restOptions, |
| 229 | }); |
| 230 | return query.execute().then(response => { |
| 231 | var results = response.results; |
| 232 | if (results.length !== 1) { |
| 233 | throw new Parse.Error(Parse.Error.INVALID_SESSION_TOKEN, 'invalid legacy session token'); |
| 234 | } |
| 235 | const obj = results[0]; |
| 236 | |
| 237 | if (typeof obj['objectId'] === 'string' && obj['objectId'].startsWith('role:')) { |
| 238 | throw new Parse.Error(Parse.Error.INTERNAL_SERVER_ERROR, 'Invalid object ID.'); |
| 239 | } |
| 240 | |
| 241 | obj.className = '_User'; |
| 242 | const userObject = Parse.Object.fromJSON(obj); |
| 243 | return new Auth({ |
| 244 | config, |
| 245 | isMaster: false, |
| 246 | installationId, |
| 247 | user: userObject, |
| 248 | }); |
| 249 | }); |
| 250 | }; |
| 251 | |
| 252 | // Returns a promise that resolves to an array of role names |
| 253 | Auth.prototype.getUserRoles = function () { |