Returning a role for null user

[dpatel20]

I am using parse server on back4app. I am checking for admin role using the code shown here - shown below for ease:

function userHasRole(user, roleName) {
    var query = new Parse.Query(Parse.Role);
    query.equalTo("name", roleName);
    query.equalTo("users", user);
    return query.find().then(function(roles) {
        return roles.length > 0;
    });
}

var currentUser = Parse.User.current();
// is the user an "admin"?
userHasRole(currentUser, "admin").then(function(isAdmin) {
    console.log((isAdmin)? "user is admin" : "user is not admin");
});

I have a role admin which is connected to exactly one user named admin (as confirmed in the Parse Dashboard). With no user logged in (debugging shows current user = null), I get a role returned (admin role!). Again, I have checked the role in debug to show it is a valid role object. I have tried this on other browsers where I am sure I have never been logged in and get the same result.

Edit: I have tried with a different role and get the same result. Something like: if user is null, then the query always returns the role mentioned by roleName. I guess parse server ignores null in queries??

[davimacedo]

Hi.

I've written some tests and realized that equalTo("someArray", null) and equalTo("someRelation", null) have different behaviors. The constraint is considered in the array query returning an empty result (https://github.com/parse-community/parse-server/pull/3924/files#diff-f06f950a126bc6349f0e579b6ef362f7R2475) while it is not considered in the relation query (https://github.com/parse-community/parse-server/pull/3924/files#diff-f06f950a126bc6349f0e579b6ef362f7R153).

@flovilmart I think the results should be the same. If you also think so, here is the PR to fix it:
#3924