我正在尝试使用node_acl来管理我的应用中的授权。 但我怀疑如何为每个用户实现该角色
app.js
const mongoose = require('mongoose');
const app = express();
const security = require(./security/security_acl);
//----------Database Connection ------------------------------
mongoose.Promise = global.Promise;
mongoose.connect('mongodb://localhost/db_test', { useMongoClient: true })
.then(() => logger.info('Database connected'))
.catch(error => logger.error('Database connection error: $(error.message)'))
const db = mongoose.connection;
// all other middleware functions
security_acl.js
'use strict';
const mongoose = require('mongoose');
const node_acl = require('acl');
var acl;
acl = new node_acl(new node_acl.mongodbBackend(mongoose.connection.db, 'acl_'));
set_roles();
function set_roles () {
acl.allow([{
roles: 'admin',
allows: [{
resources: '/api/config',
permissions: '*'
}
]
}, {
roles: 'user',
allows: [{
resources: 'clients',
permissions: ['view', 'edit', 'delete']
}]
}, {
roles: 'guest',
allows: []
}]);
acl.addUserRoles('5863effc17a181523b12d48e', 'admin').then(function (res){
console.log('Good');
}).catch(function (err){
console.log('Bad');
});
}
module.exports = acl;
用户模型
const userSchema = Schema({
username: {
type: String,
required: [true, 'Username can't be empty'']
},
email: {
type: String,
required: [true, 'email can't be empty'']
},
encrypted_password: {
type: String,
required: [true, 'Password can't be empty'']
},
role: {
type: Schema.Types.ObjectId,
ref: 'roles',
required: [true, 'Role can't be empty']
}
}, {
timestamps: true
});
在我的用户模型中,我引用了模型ROLES。
如何将用户ID和角色传递给所有用户(新的和以前注册的) acl.addUserRoles 函数
提前致谢
答案 0 :(得分:0)
试试这个
userModel.find().populate("roles").exec().then(users => {
users.forEach(user =>
acl.addUserRoles(user._id, user.roles.map(role => role.name));
)
})