fix: Queries with object field authData.provider.id are incorrectly transformed to _auth_data_provider.id for custom classes

[mtrezza]

Pull Request

• Report security issues confidentially.
• Any contribution is under this license.
• Link this pull request to an issue.

Issue

Queries with authData.provider.id are incorrectly transformed to _auth_data_provider.id for all classes. This transformation should only occur for the _User class, where authData is a special field with internal MongoDB representation. For custom classes, authData should be treated as a regular field and remain untransformed.

Approach

Changes:

• Add className check in transformQueryKeyValue to restrict authData transformation to _User class only
• Add test case verifying authData queries work correctly for both _User and custom classes

All other MongoDB authData transformations are already class-specific:

• DatabaseController.js:317 - Already checks className === '_User'
• MongoTransform.js:1204 - Already checks className === '_User'

This fix at line was the only missing check.

Summary by CodeRabbit

• Bug Fixes

  • Fixed authData transformation logic to correctly restrict transformations to User records, preventing unintended behavior where other data types could be incorrectly transformed.

• Tests

  • Added test coverage for authData transformation behavior across different record types.

[parse-github-assistant]

🚀 Thanks for opening this pull request!

[coderabbitai]

📝 Walkthrough

Walkthrough

A test has been added to verify authData transformation behavior in MongoDB queries. The implementation is updated to restrict authData field mapping to the _User class only, preventing unintended transformations in other classes.

Changes

Cohort / File(s)	Summary
Test validation for authData transformation spec/MongoTransform.spec.js	New test added to verify authData transformation behavior differs between _User and non-User classes
className check in query transformation src/Adapters/Storage/Mongo/MongoTransform.js	Modified transformQueryKeyValue to only map authData fields to special _auth_data_<provider>.id keys when className is '_User'

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

• Focus on verifying the className equality check is placed correctly in the control flow
• Confirm the test covers both the _User and non-User class branches
• Verify no side effects to other authData handling logic outside this conditional

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main fix: restricting authData transformation to the _User class and preventing incorrect transformation for custom classes.
Description check	✅ Passed	The description covers the issue, approach, and implementation details. However, the 'Issue' section does not include a link to the GitHub issue as required by the template.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[parseplatformorg]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.07%. Comparing base (7d5e9fc) to head (29fcd6b).
⚠️ Report is 3 commits behind head on alpha.

Additional details and impacted files

@@           Coverage Diff           @@
##            alpha    #9932   +/-   ##
=======================================
  Coverage   93.07%   93.07%           
=======================================
  Files         187      187           
  Lines       15243    15243           
  Branches      177      177           
=======================================
  Hits        14187    14187           
  Misses       1044     1044           
  Partials       12       12           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[parseplatformorg]

🎉 This change has been released in version 8.5.0-alpha.10

[parseplatformorg]

🎉 This change has been released in version 8.5.0