How do I check if a username is taken with parse.com when all User ACL:Public read/write is disable?

Question

How do I check if a username is taken with parse.com Javascript SDK when ACL:Public read/write is disable in all users inside User's class?

Explanation: For security reasons all my users in class/table User have a private ACL (Access control list), or in other words the ACL for public read/write is disable, it means that authenticated users can read only their own information.

As you can imagine any query to Users will get empty to non logged In users so there is no way to check if a user is already taken by using Query on User Class

I manage to work around this by singUp a new user and then Parse will return a 400 error with some good information:

{code: 202, error: "username Test already taken"}

The problem with that approach is that I'm doing the validation on real time while the user is typing on the text area field:

HTML AngularJS:

<form name="form">
    <h3>e-mail</h3>
    <input class="form-control"
           name="email"
           placeholder="try john.doe@mail.com or bad@domain.com"
           type="email"
           required ng-model="email"
           ng-model-options="{ debounce: 100 }"
           ui-validate="{blacklist: 'notBlackListed($value)'}"
           ui-validate-async="{alreadyExists: 'doesNotExist($modelValue)'}"
    >

    <span ng-show='form.email.$error.blacklist'>This e-mail is black-listed!</span>
    <span ng-show='form.email.$error.alreadyExists'>This e-mail is <b>already taken!</b></span>
    <span ng-show='form.email.$pending'>Verifying e-mail on server...</span>
    <br>is form valid: {{form.$valid}}
</form>

Javascript AngularJS:

$scope.doesNotExist = function (value) {
            Parse.initialize(KEY0, KEY1);
            var deferral = $q.defer();
            var user = new Parse.User();
            user.set("username", "Test");
            user.set("password", "anyapssword");
            user.signUp(null, {
                success: function(user) {
                    // Hooray! Let them use the app now.
                    console.log("success!");
                    // Holly shit now I have to delete the user :( and wait for the full form to be submmited
                    user.destroy({
                    success: function(myObject) {
                        // The object was deleted from the Parse Cloud.
                        console.log("destroy!!!!!!!!!!!");
                    },
                    error: function(myObject, error) {
                        // The delete failed.
                        // error is a Parse.Error with an error code and message.
                        console.log("failed destroy!!!!!!!!!!!");
                    }
                });
                    deferral.resolve(user);
                },
                error: function(user, error) {
                    console.log("Error: " + error.code + " " + error.message);
                    deferral.reject("mierda!");
                }
            });
            return deferral.promise;
        };

So how can I check if a username is taken with parse.com when ACL:Public read/write is disable?

I'm using the AngularUI plugIn to fast validation: https://htmlpreview.github.io/?https://github.com/angular-ui/ui-validate/master/demo/index.html

Thanks!

score 0 · Answer 1 · answered Jan 16 '16 at 05:27

0

You could create a cloud code function that enables you to check if a user name is taken or not -- you can lookup the username with the masterKey(), which allows you to read from the User table.

Let me know if you need more info.

answered Jan 16 '16 at 05:27

liampronan

578
4
6

how is this function going to be? can you guide me a little please? – lito Jan 16 '16 at 16:32

score 0 · Answer 2 · answered Jan 17 '16 at 15:27

I found my own answer. In case someone is looking here what I did in AngularJS and Parse.com. To save some time I'm using Validate plugIn from AngularUI.

The HTML:

<!DOCTYPE html>
<html lang="en" ng-app="demo">

<head>
    <meta charset="utf-8">
    <title>AngularJS ui-validate</title>
    <script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.4.1/angular.js"></script>
    <link rel="stylesheet" href="https://netdna.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.css"/>
    <script type="text/javascript" src="http://www.parsecdn.com/js/parse-1.6.14.min.js"></script>

    <!-- ui-validate files -->
    <script src="../dist/validate.js"></script>
</head>

<body class="container">
<script>
    var app = angular.module('demo', ['ui.validate']);
    app.controller('ValidateCtrl', function ($scope, $timeout, $q) {
        $scope.doesNotExist = function (value) {
            Parse.initialize("uO...rPt", "8Bu...1mxFr");    
            var deferral = $q.defer();
            Parse.Cloud.run('mgxIsNameAlreadyTaken', {username: value}, {
                success: function (result) {
                    console.log("httpRequest resultado: " + result);
                    // result is 'Hello world!'
                    deferral.resolve();
                },
                error: function (error) {
                    console.log("si! ya esta tomado!: " + error);
                    deferral.reject();
                }
            });
            return deferral.promise;
            //return true;
        };
    });
</script>
<section id="validate" ng-controller="ValidateCtrl">
    <div class="page-header">
        <h1>Validate</h1>
    </div>
    <h3>What?</h3>
    <div class="row">
        <div class="col-md-6">
            <p>The
                <code>ui-validate</code> and <code>ui-validate-async</code> directives makes it very easy to create
                custom validator expressions.</p>
            <div class="well">
                <form name="form">
                    <h3>e-mail</h3>
                    <input class="form-control"
                           name="email"
                           placeholder="try john.doe@mail.com or bad@domain.com"
                           type="email"
                           required ng-model="email"
                           ng-model-options="{ debounce: 500 }"
                           ui-validate-async="{alreadyExists: 'doesNotExist($modelValue)'}"
                    >
                    <span ng-show='form.email.$error.blacklist'>This e-mail is black-listed!</span>
                    <span ng-show='form.email.$error.alreadyExists'>This e-mail is <b>already taken!</b></span>
                    <span ng-show='form.email.$pending'>Verifying e-mail on server...</span>
                    <span ng-show='form.email.$valid'>This Email is Valid.</span>
                    <br>is form valid: {{form.$valid}}
                    <br>
                </form>
            </div>
        </div>
    </div>
</section>
</body>

</html>

Parse Cloud Code:

Parse.Cloud.define("mgxIsNameAlreadyTaken", function(request, response) {
    Parse.Cloud.useMasterKey();
    var query = new Parse.Query(Parse.User);
    query.equalTo("username", request.params.username);
    query.first({
        success: function(user) {
            if (user) {
                response.error("The username has already been taken.");
            } else {
                response.success("The username "+request.params.username+" is available.");
            }
        },
        error: function(error) {
            console.error("Error en el query de user." + error.code + " : " + error.message);
            response.error("Error in mgxIsNameAlreadyTaken: " + error.code + " : " + error.message);
        }
    });
});

Good luck!

How do I check if a username is taken with parse.com when all User ACL:Public read/write is disable?

2 Answers2

Linked