Skip to content

v3.2.0 - Class-Level Permissions & Consolidated Updates

Choose a tag to compare

View all tags
@AdrianCurtin AdrianCurtin released this 09 Jan 02:17
· 38 commits to master since this release
3.2.0
7581ba6

Class-Level Permissions (CLP) Support

This release adds comprehensive Class-Level Permissions support for protecting fields and controlling access at the schema level.

Note: This release consolidates changes from versions 3.1.1 through 3.1.12 (GitHub releases were skipped for those versions). See CHANGELOG.md for detailed version-by-version changes.

New Features: Class-Level Permissions

DSL for Defining CLPs:

class Song < Parse::Object
  property :title, :string
  property :internal_notes, :string

  # Set operation-level permissions
  set_clp :find, public: true
  set_clp :create, public: false, roles: ["Admin", "Editor"]
  set_clp :delete, public: false, roles: ["Admin"]

  # Protect fields from certain users
  protect_fields "*", [:internal_notes]  # Hidden from everyone
  protect_fields "role:Admin", []         # Admins see everything
end

Filter Data for Webhook Responses:

filtered = song.filter_for_user(current_user, roles: ["Member"])
filtered_results = Song.filter_results_for_user(songs, current_user, roles: user_roles)

Push CLPs to Parse Server:

Song.auto_upgrade!   # Includes CLPs in schema upgrades
Song.update_clp!     # Update only CLPs
Song.fetch_clp       # Fetch current CLPs from server

Consolidated Changes from 3.1.1 - 3.1.12

Query & Constraint Improvements (3.1.12, 3.1.4, 3.1.3)

  • NEW: ends_with query constraint for string suffix matching
  • NEW: ACL query convenience methods: publicly_readable, publicly_writable, privately_readable, privately_writable, private_acl, not_publicly_readable, not_publicly_writable
  • NEW: not_readable_by and not_writeable_by constraints
  • NEW: ACL queries support readable_by: user and writable_by: role as hash keys
  • NEW: Role hierarchy expansion - queries automatically include child roles
  • NEW: default_acl_private class setting and private_acl! convenience method
  • NEW: Parse::ACL.private class method for empty ACLs

Caching Improvements (3.1.9, 3.1.7, 3.1.5)

  • NEW: fetch_cache! method on Parse::Pointer with caching support
  • NEW: cache: parameter for Parse::Pointer#fetch
  • NEW: "Write-only" cache mode (:write_only) - skip cache read, update cache with fresh data
  • NEW: fetch_cache! and find_cached convenience methods
  • CHANGED: Query caching is now opt-in by default (was opt-out)
  • NEW: Parse.default_query_cache and Parse.cache_write_on_fetch configuration options

Performance Improvements (3.1.10)

  • IMPROVED: Aggregation pipeline optimization automatically merges consecutive $match stages

Validation & Callback Improvements (3.1.2)

  • NEW: save() passes validation context (:create or :update) to validations and callbacks
  • NEW: before_validation, after_validation, around_validation support on: :create/:update option
  • NEW: create! class method for Active Model consistency

ACL Dirty Tracking (3.1.3)

  • FIXED: acl_was correctly captures ACL state before in-place modifications
  • NEW: acl_changed? compares actual ACL content, not just object references

Serialization (3.1.1)

  • NEW: :exclude_keys option as alias for :except in as_json
  • NEW: Parse::MongoDB.to_mongodb_date helper for date conversion

Bug Fixes (Various)

  • FIXED: auto_upgrade! skips read-only system classes (_PushStatus, _SCHEMA)
  • FIXED: Date property parsing handles empty strings gracefully
  • FIXED: Query methods first, latest, last_updated properly accept keyword options
  • FIXED: Connection pooling pool_size option works correctly

Code Quality (3.1.6)

  • FIXED: Resolved circular require warnings
  • FIXED: Resolved method redefinition warnings
  • UPDATED: Parse::Installation device_type enum updated for current Parse Server types
  • NEW: Push notification validation for installation targeting

Author: Adrian Curtin
Date: November 2025

Assets 2
Loading