Parse: How to restrict access to only certain properties of an object in Parse?

Question

I am a begginner in Parse. I've previously been working a lot with django and django rest framework. I've recently started working on parse and I love it, But there is a some confusion in my mind that I haven't been able to resolve by reading the documentation.

I would like to restrict access to certain properties(/fields) of an Object rather than the whole objects as described in Parse Documentation

For example I have

user1 = {
    name: "a",
    ...
}

and

user2 = {
    name: "b",
    ...
}

and there is an object

pet = {
    type: "Cat",
    name: "abc",
    hungry: true,
}

Now I want a setup where the "user1" objects can only access "type" and "name" attributes of the object "pet" whereas "user2" can access all the three properties of "pet".

How to add these attribute level permissions in Parse? I hope I made my point clear.

Answer 1

ACL is the most specific means of control, and it goes only to the object level. Within an object, you can enforce via app logic, or break the object into parts...

Pet = { name: "Toonces",
        type: "Cat",
        restrictedPet:<pointer to RestrictedPet>,
        ACL: everyone }

RestrictedPet = { hungry: true,
                  canDriveACar: true,
                  ACL: user2 }

When querying Pet (say, in JS), you can say this unconditionally:

var petQuery = new Parse.Query("Pet");
petQuery.include("restrictedPet");
petQuery.first(then(function(pet) {
    if (pet.restrictedPet) {
        // when user2 is running, she will see restricted attributes here
        console.log("Can my pet drive? " + pet.restrictedPet.canDriveACar);
    }
    // the remainder of the attributes are visible here, to all
});