Secure your Parse Server App with Pointer Permissions

Pointer Permissions is a powerful way to secure your app without writing any new cloud code or client code. Pointer Permissions let you secure all of the objects in a class of your Parse Server app at once, directly from the data browser in the Parse Dashboard. Often times the user that should have permissions for an object is already stored in that object, in a pointer field like owner or creator. So rather than saving the owner of an object both as a pointer and in an ACL every time you create an object, now you can just add a pointer permission to the owner field in the data browser, and then all objects in the collection will only be accessible by the user listed as the owner.

Parse launched this feature in June last year and through the help of open source contributor Florent Vilmart, Pointer Permissions is now in open source Parse Server.

NodeChef has updated all Parse Server clusters to version 2.2.10 and Parse Dashboard to version 1.0.12 so that customers can use this feature.