From 5d19c4ab453d030c6d4a971594a1e20d3d31cbb3 Mon Sep 17 00:00:00 2001
From: Florent Vilmart <florentvilmart@me.com>
Date: Tue, 22 Mar 2016 08:12:58 -0400
Subject: [PATCH] Generates default CLP, freezes objects

---
 src/Schema.js | 36 +++++++++++++++++++-----------------
 1 file changed, 19 insertions(+), 17 deletions(-)

diff --git a/src/Schema.js b/src/Schema.js
index adf197e8f2..bcb4573ffd 100644
--- a/src/Schema.js
+++ b/src/Schema.js
@@ -17,7 +17,7 @@
 var Parse = require('parse/node').Parse;
 var transform = require('./transform');
 
-var defaultColumns = {
+const defaultColumns = Object.freeze({
   // Contain the default columns for every parse object type (except _Join collection)
   _Default: {
     "objectId":  {type:'String'},
@@ -84,14 +84,14 @@ var defaultColumns = {
     "sentPerType":  {type:'Object'},
     "failedPerType":{type:'Object'},
   }
-};
+});
 
-var requiredColumns = {
+const requiredColumns = Object.freeze({
   _Product: ["productIdentifier", "icon", "order", "title", "subtitle"],
   _Role: ["name", "ACL"]
-}
+});
 
-const systemClasses = ['_User', '_Installation', '_Role', '_Session', '_Product'];
+const systemClasses = Object.freeze(['_User', '_Installation', '_Role', '_Session', '_Product']);
 
 // 10 alpha numberic chars + uppercase
 const userIdRegex = /^[a-zA-Z0-9]{10}$/;
@@ -100,7 +100,7 @@ const roleRegex = /^role:.*/;
 // * permission
 const publicRegex = /^\*$/
 
-const permissionKeyRegex = [userIdRegex, roleRegex, publicRegex];
+const permissionKeyRegex = Object.freeze([userIdRegex, roleRegex, publicRegex]);
 
 function verifyPermissionKey(key) {
   let result = permissionKeyRegex.reduce((isGood, regEx) => {
@@ -112,13 +112,15 @@ function verifyPermissionKey(key) {
   }
 }
 
-let CLPValidKeys = ['find', 'get', 'create', 'update', 'delete', 'addField'];
-let DefaultClassLevelPermissions = CLPValidKeys.reduce((perms, key) => {
+const CLPValidKeys = Object.freeze(['find', 'get', 'create', 'update', 'delete', 'addField']);
+let DefaultClassLevelPermissions = () => {
+  return CLPValidKeys.reduce((perms, key) => {
     perms[key] = {
       '*': true
     };
     return perms;
   }, {});
+}
 
 function validateCLP(perms) {
   if (!perms) {
@@ -899,21 +901,21 @@ function mongoSchemaToSchemaAPIResponse(schema) {
     fields: mongoSchemaAPIResponseFields(schema),
   };
 
-  let classLevelPermissions = DefaultClassLevelPermissions;
+  let classLevelPermissions = DefaultClassLevelPermissions();
   if (schema._metadata && schema._metadata.class_permissions) {
-    classLevelPermissions = Object.assign(classLevelPermissions, schema._metadata.class_permissions);
+    classLevelPermissions = Object.assign({}, classLevelPermissions, schema._metadata.class_permissions);
   }
   result.classLevelPermissions = classLevelPermissions;
   return result;
 }
 
-module.exports = {
-  load: load,
-  classNameIsValid: classNameIsValid,
-  invalidClassNameMessage: invalidClassNameMessage,
-  schemaAPITypeToMongoFieldType: schemaAPITypeToMongoFieldType,
-  buildMergedSchemaObject: buildMergedSchemaObject,
-  mongoFieldTypeToSchemaAPIType: mongoFieldTypeToSchemaAPIType,
+export {
+  load,
+  classNameIsValid,
+  invalidClassNameMessage,
+  schemaAPITypeToMongoFieldType,
+  buildMergedSchemaObject,
+  mongoFieldTypeToSchemaAPIType,
   mongoSchemaToSchemaAPIResponse,
   systemClasses,
 };