CODEWITHSUNDEEP
javascriptangularjsparse-platform
bzupnick
bzupnick

Reputation: 2814

Parse.com: getting UserCannotBeAlteredWithoutSessionError

I have an Angular service that takes in a roleId and userId and assigns the user to that role and make a pointer in User to that role.

app.service('CRUD', function () {
    this.addUserToRole = function (roleId, userId) {
        // first we have to find the role we're adding to
        var query = new Parse.Query(Parse.Role);
        return query.get(roleId, {
            success: function (role) {
                // then add the user to it
                var Database = Parse.Object.extend("User");
                var query = new Parse.Query(Database);
                console.log(role);
                return query.get(userId, {
                    success: function (user) {
                        console.log(user);
                        role.getUsers().add(user);
                        role.save();

                        // now we need to tell the user that he has this role
                        console.log(user);
                        user.attributes.role.add(role);
                        user.save();
                        return user;
                    },
                    error: function (err) {
                        return err;
                    }
                });
            },
            error: function (err) {
                console.log(err);
            }
        });
    }
});

I'm getting {"code":206,"error":"Parse::UserCannotBeAlteredWithoutSessionError"} on user.save();

After some research, I arrived at this website. He uses this code snippet as a JS SDK example:

Parse.Cloud.run('modifyUser', { username: 'userA' }, {
  success: function(status) {
    // the user was updated successfully
  },
  error: function(error) {
    // error
  }
});

and mentions something about a useMasterKey() function.

I'm still unsure how to fix this error.

Upvotes: 2

Views: 1280

Answers (2)

a_alexeev
a_alexeev

Reputation: 278

Add 

Parse.Cloud.useMasterKey();

at the beginning of your function.

Upvotes: 5

McNully
McNully

Reputation: 46

Set it up as a background job. That is the code snip you found I think and a simpler far more secure means of fondling users and roles

https://parse.com/docs/cloud_code_guide#jobs

Upvotes: 0

Related Questions