parse.com javascript中的用户安全
我正在尝试使用angularjs在parse.com中进行用户登录,登录后会在用户身上显示一个表单,但我遇到了一个问题。 在parse.com上,我将用户“katikati”设置为具有完全访问权限 和一个用户“admin”来获取和查找。 如下图所示。 下面的代码是我正在做的,登录,如果用户存在,可以看到html。 但是,当我使用用户“admin”登录时,我仍然可以发布到parse.com帐户。 我做错了什么parse.com javascript中的用户安全,javascript,angularjs,parse-platform,Javascript,Angularjs,Parse Platform,我正在尝试使用angularjs在parse.com中进行用户登录,登录后会在用户身上显示一个表单,但我遇到了一个问题。 在parse.com上,我将用户“katikati”设置为具有完全访问权限 和一个用户“admin”来获取和查找。 如下图所示。 下面的代码是我正在做的,登录,如果用户存在,可以看到html。 但是,当我使用用户“admin”登录时,我仍然可以发布到parse.com帐户。 我做错了什么 <!DOCTYPE html> <html> <head
<!DOCTYPE html>
<html>
<head>
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.0.7/angular.min.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js"></script>
<script src="http://www.parsecdn.com/js/parse-latest.js"></script>
<meta name="viewport" content="initial-scale=1.0, user-scalable=no">
<meta charset="utf-8">
<title>Testy</title>
<script>
Parse.initialize("APPID", "JSKEY");
angular.module('AuthApp', [])
.run(['$rootScope', function($scope) {
$scope.scenario = 'Log in';
$scope.currentUser = Parse.User.current();
$scope.logIn = function(form) {
Parse.User.logIn(form.username, form.password, {
success: function(user) {
$scope.currentUser = user;
$scope.$apply();
},
error: function(user, error) {
alert("Unable to log in: " + error.code + " " + error.message);
}
});
};
$scope.logOut = function(form) {
Parse.User.logOut();
$scope.currentUser = null;
};
}]);
</script>
<script type="text/javascript">
$(document).ready(function() {
Parse.initialize("APPID", "JSKEY");
function saveJobApp(objParseFile) {
var jobApplication = new Parse.Object("magazia");
var email = document.getElementById('email').value;
var name = document.getElementById('name').value;
var description = document.getElementById('description').value;
var website = document.getElementById('website').value;
var phone = document.getElementById('phone').value;
var address = document.getElementById('address').value;
var latlon = document.getElementById('latlon').value;
var value = latlon;
value = value.replace(/[\(\)]/g, '').split(', ');
console.log(value[0]);
console.log(value[1]);
var x = parseFloat(value[0]);
var y = parseFloat(value[1]);
var point = new Parse.GeoPoint(x, y);
jobApplication.set("image", objParseFile);
jobApplication.set("email", email);
jobApplication.set("phone", phone);
jobApplication.set("address", address);
jobApplication.set("name", name);
jobApplication.set("website", website);
jobApplication.set("description", description);
jobApplication.set("latlon", point);
jobApplication.save(null, {
success: function(gameScore) {
// Execute any logic that should take place after the object is saved.
/* var photo = gameScore.get("image");
var name = gameScore.get("name");
var id = gameScore.id;
$("#profileImg")[0].src = photo.url();
$("#objID")[0].innerHTML = id; */
//edw 8a perasoume to id apo ta magazia sta events gia na exoume to FK apo ta magazia
},
error: function(gameScore, error) {
// Execute any logic that should take place if the save fails.
// error is a Parse.Error with an error code and description.
alert('Failed to create new object, with error code: ' + error.description);
}
});
//var objectId = jobApplication.getObjectId();
// objectId = document.getElementById("objID").innerHTML;
// console.log(objectId);
}
$('#submitId').on("click", function(e) {
var fileUploadControl = $("#profilePhotoFileUpload")[0];
var file = fileUploadControl.files[0];
var name = file.name; //This does *NOT* need to be a unique name
var parseFile = new Parse.File(name, file);
console.log("Done");
parseFile.save().then(
function() {
saveJobApp(parseFile);
},
function(error) {
alert("error");
}
);
});
});
</script>
</head>
<body ng-app="AuthApp">
<div ng-hide="currentUser">
<form ng-show="scenario == 'Sign up'">
<a href="#" ng-click='scenario="Log in"'>Log in</a>
</form>
<form ng-show="scenario == 'Log in'">
<h2>Log in</h2>
Username: <input type="text" ng-model="user.username" /><br />
Password: <input type="password" ng-model="user.password" /><br />
<button ng-click="logIn(user)">Log in</button>
or <a href="#" ng-click='scenario="Sign up"'>Sign up</a>
</form>
</div>
<div ng-show="currentUser">
<form id="business_form" method="post">
<table>
<tr>
<td>NAME</td>
<td><input type="text" id="name"></td>
</tr>
<tr>
<td>Description</td>
<td><input type="text" id="description"></td>
</tr>
<tr>
<td>Address</td>
<td><input type="text" id="address"></td>
</tr>
<tr>
<td>LatLon</td>
<td><input type="text" id="latlon"></td>
</tr>
<tr>
<td>Phone</td>
<td><input type="text" id="phone"></td>
</tr>
<tr>
<td>Email</td>
<td><input id="email" name="email" type="email" placeholder="Type your email to create a Mail Link"></td>
</tr>
<tr>
<td>Website</td>
<td><input type="text" id="website"></td>
</tr>
<tr>
<td>Image</td>
<td><input type="file" id="profilePhotoFileUpload"></td>
</tr>
<tr>
<td><input type="button" id="submitId" value="submit"></td>
</tr>
</table>
</form>
<input id="pac-input" class="controls" type="text" placeholder="Search Your Place Here">
<div id="map"></div>
<script>
// This example adds a search box to a map, using the Google Place Autocomplete
// feature. People can enter geographical searches. The search box will return a
// pick list containing a mix of places and predicted search terms.
function initAutocomplete() {
var map = new google.maps.Map(document.getElementById('map'), {
center: {
lat: 37.58,
lng: 23.43
},
zoom: 6,
mapTypeId: google.maps.MapTypeId.ROADMAP
});
// Create the search box and link it to the UI element.
var input = document.getElementById('pac-input');
var searchBox = new google.maps.places.SearchBox(input);
map.controls[google.maps.ControlPosition.TOP_LEFT].push(input);
// Bias the SearchBox results towards current map's viewport.
map.addListener('bounds_changed', function() {
searchBox.setBounds(map.getBounds());
});
var markers = [];
// [START region_getplaces]
// Listen for the event fired when the user selects a prediction and retrieve
// more details for that place.
searchBox.addListener('places_changed', function() {
var places = searchBox.getPlaces();
if (places.length == 0) {
return;
}
// Clear out the old markers.
markers.forEach(function(marker) {
marker.setMap(null);
});
markers = [];
// For each place, get the icon, name and location.
var bounds = new google.maps.LatLngBounds();
places.forEach(function(place) {
var icon = {
url: place.icon,
size: new google.maps.Size(71, 71),
origin: new google.maps.Point(0, 0),
anchor: new google.maps.Point(17, 34),
scaledSize: new google.maps.Size(25, 25)
};
var lat = place.geometry.location.lat();
var lng = place.geometry.location.lng();
var latlng = lat + "," + " " + lng;
var address =
console.log(latlng);
document.getElementById("latlon").value = latlng;
// Create a marker for each place.
markers.push(new google.maps.Marker({
map: map,
icon: icon,
title: place.name,
position: place.geometry.location
}));
if (place.geometry.viewport) {
// Only geocodes have viewport.
bounds.union(place.geometry.viewport);
} else {
bounds.extend(place.geometry.location);
}
});
map.fitBounds(bounds);
});
// [END region_getplaces]
}
</script>
<script src="https://maps.googleapis.com/maps/api/js?key=APIKEY&libraries=places&callback=initAutocomplete"
async defer></script>
<button ng-click="logOut(user)">Log out</button>
</div>
</div>
</body>
</html>
易怒的
初始化(“APPID”、“JSKEY”);
angular.module('AuthApp',[])
.run(['$rootScope',函数($scope){
$scope.scenario='登录';
$scope.currentUser=Parse.User.current();
$scope.logIn=函数(表单){
Parse.User.logIn(form.username、form.password、{
成功:功能(用户){
$scope.currentUser=用户;
$scope.$apply();
},
错误:函数(用户,错误){
警报(“无法登录:“+error.code+”“+error.message”);
}
});
};
$scope.logOut=函数(表单){
Parse.User.logOut();
$scope.currentUser=null;
};
}]);
$(文档).ready(函数(){
初始化(“APPID”、“JSKEY”);
函数saveJobApp(objParseFile){
var jobApplication=new Parse.Object(“magazia”);
var email=document.getElementById('email')。值;
var name=document.getElementById('name')。值;
var description=document.getElementById('description')。值;
var-website=document.getElementById(“网站”).value;
var phone=document.getElementById('phone')。值;
var address=document.getElementById('address')。值;
var latlon=document.getElementById('latlon').value;
var值=latlon;
value=value.replace(/[\(\)]/g',).split(',');
console.log(值[0]);
console.log(值[1]);
var x=parseFloat(值[0]);
变量y=parseFloat(值[1]);
var点=新的解析地质点(x,y);
jobApplication.set(“image”,objParseFile);
jobApplication.set(“电子邮件”,电子邮件);
jobApplication.set(“电话”,电话);
jobApplication.set(“地址”,地址);
jobApplication.set(“名称”,名称);
jobApplication.set(“网站”,网站);
jobApplication.set(“说明”,说明);
jobApplication.set(“latlon”,点);
jobApplication.save(空{
成功:功能(游戏分数){
//执行保存对象后应执行的任何逻辑。
/*var photo=gameScore.get(“图像”);
var name=gameScore.get(“name”);
var id=gameScore.id;
$(“#profileImg”)[0].src=photo.url();
$(“#对象”)[0].innerHTML=id*/
//edw 8a用于识别FK apo ta magazia的外泄事件
},
错误:函数(游戏分数,错误){
//执行保存失败时应执行的任何逻辑。
//错误是一个解析。错误包含错误代码和说明。
警报('未能创建新对象,错误代码:'+错误。说明);
}
});
//var objectId=jobApplication.getObjectId();
//objectId=document.getElementById(“objID”).innerHTML;
//console.log(objectId);
}
$('#submitId')。在(“单击”,函数(e){
var fileUploadControl=$(“#profilePhotoFileUpload”)[0];
var file=fileUploadControl.files[0];
var name=file.name;//这不*不*需要是唯一的名称
var parseFile=new Parse.File(名称,文件);
控制台日志(“完成”);
parseFile.save()。然后(
函数(){
saveJobApp(解析文件);
},
函数(错误){
警报(“错误”);
}
);
});
});
登录
用户名:
密码:
登录
或
名称
描述
地址
拉特隆
电话
电子邮件
网站
形象
//本例使用Google Place Autocomplete将搜索框添加到地图中
//特色。人们可以进入地理搜索。搜索框将返回一个
//包含位置和预测搜索词组合的拾取列表。
函数initAutocomplete(){
var map=new google.maps.map(document.getElementById('map'){
中心:{
拉脱维亚:37.58,
液化天然气:23.43
},
缩放:6,
mapTypeId:google.maps.mapTypeId.ROADMAP
});
//创建搜索框并将其链接到UI元素。
var input=document.getElementById('pac-input');
var searchBox=newgoogle.maps.places.searchBox(输入);
map.controls[google.maps.ControlPosition.TOP_LEFT].push(输入);
//将搜索框结果偏向当前地图的视口。
addListener('bounds_changed',function(){
searchBox.setBounds(map.getBounds());
});
var标记=[];
//[开始区域\u getplaces]
//侦听用户选择预测并检索时激发的事件
//关于那个地方的更多细节。
searchBox.addListener('places\u changed',function(){
var places=searchBox.getPlaces();
如果(places.length==0){
返回;
}
//清除旧的标记。
markers.forEach(函数(marker){
marker.setMap(空);
});
标记=[];
//对于每个位置,获取图标、名称和位置。
var bounds=new google.maps.LatLngBounds();