我正在尝试授权用户使用expressjs执行特定任务。问题是如果在内联函数中分配的值在离开函数时无法保留。
var mysql = require('mysql');
var pool = mysql.createPool({
host: 'localhost',
user: 'root',
password: '',
database: 'database'
});
exports.authorizeAndWriteToSession = function (req, res, resource_code, right) {
req.session.authorized = false;
if (!req.session.authenticated) {
res.send("Không có quyền truy cập tài nguyên này vì chưa đăng nhập");
}
else {
if (!req.session.validated) {
res.send("");
}
else {
pool.getConnection(function (err, connection) {
connection.query('SELECT * FROM role_based_acl...', [req.session.user_id, resource_code], function (err, rows) {
if (rows.length === 0) {
res.send("<h2 style='color:red'></h2>");
}
else {
if (right === 'view') {
req.session.authorized = (rows[0].allow_view === 1);
}
else {
if (right === 'list') {
req.session.authorized = (rows[0].allow_list === 1);
}
else {
if (right === 'retrieve') {
req.session.authorized = (rows[0].allow_view === 1);
}
else {
if (right === 'create') {
req.session.authorized = (rows[0].allow_create === 1);
}
else {
if (right === 'update') {
req.session.authorized = (rows[0].allow_update === 1);
}
else {
if (right === 'delete') {
req.session.authorized = (rows[0].allow_delete === 1);
}
}
}
}
}
}
}
});
connection.release();
});
}
}
};
我从来没有能够获得具有真正价值的res.session.authorized。