Gives role to cloud function

Consider the following scenario.
I’ve two classes:

  1. tokens : this is the target of an EventSync which store all new token minted. I provide only “write” permission to “coreservices”

  2. CLASS_A: this is another class; I want this class to be modified (give “write” permission) only through a cloud function triggered after a new item has been added to tokens

Therefore, I write a cloud function like:

Moralis.Cloud.afterSave("tokens", async (request) => {
    const Ref = Moralis.Object.extend("CLASS_A");
    const newItem = new Ref();
    await newItem.save(data)
})

My point is: how to manage the CLPs of CLASS_A

My first idea was to give to CLASS_A the permission to “coreservices” (like for tokens). However, this seems not working.

I know a workaround is to use the masterkey:
await newItem.save(data,{ useMasterKey: true })
is this the right approach in your opiniono?

Isn’t there a way to create a role for a cloud function (like we do for users)?

Thank you, I appreciate any suggestion

I would say that you can use master key in a cloud function and check that you call it with a specific parameter like a key so that someone else can not call it with the right parameters

1 Like