我一直在尝试更新环回用户模型中的某些更改,但每次我这样做时,即使我的用户角色设置为admin,我也会收到401未经授权的错误。
这是我的user.model的样子
{
"name": "user",
"plural": "users",
"base": "User",
"properties": {
},
"validations": [],
"relations": {
"accessTokens": {
"type": "hasMany",
"model": "accessToken",
"foreignKey": "userId"
},
"identities": {
"type": "hasMany",
"model": "userIdentity",
"foreignKey": "userId"
},
"roles": {
"type": "hasMany",
"model": "Role",
"through": "RoleMapping",
"foreignKey": "principalId"
}
},
"acls": [
{
"accessType": "*",
"principalType": "ROLE",
"principalId": "admin",
"permission": "ALLOW"
},
{
"accessType": "*",
"principalType": "ROLE",
"principalId": "localadmin",
"permission": "ALLOW"
},
{
"accessType": "READ",
"principalType": "ROLE",
"principalId": "$unauthenticated",
"permission": "DENY"
},
{
"accessType": "READ",
"principalType": "ROLE",
"principalId": "$authenticated",
"permission": "ALLOW"
},
{
"accessType": "*",
"principalType": "ROLE",
"principalId": "$owner",
"permission": "ALLOW"
}
],
"methods": []
}
和我正在进行的角度资源调用
$scope.setUserAccess = function(user) {
User.upsert({ username: user.username, accessLevel: user.accessLevel })
.$promise
.then(
function(resp) { console.log(resp); },
function(err) { console.log(err);
});
};
我很难解决这个问题。这是我在浏览器上得到的
"{"
data ":{"
error ":{"
name ":"
Error ","
status ":401,"
message ":"
Authorization Required ","
statusCode ":401,"
code ":"
AUTHORIZATION_REQUIRED ","
stack ":"
Error: Authorization Required\ n at / home / work / Thermtec / node_modules / loopback / lib / application.js: 375: 21\ n at / home / work / Thermtec / node_modules / loopback / lib / model.js: 313: 7\ n at / home / work / Thermtec / node_modules / loopback / common / models / acl.js: 465: 23\ n at / home / work / Thermtec / node_modules / loopback / node_modules / async / lib / async.js: 251: 17\ n at done(/home/work / Thermtec / node_modules / loopback / node_modules / async / lib / async.js: 132: 19)\ n at / home / work / Thermtec / node_modules / loopback / node_modules / async / lib / async.js: 32: 16\ n at / home / work / Thermtec / node_modules / loopback / node_modules / async / lib / async.js: 248: 21\ n at / home / work / Thermtec / node_modules / loopback / node_modules / async / lib / async.js: 572: 34\ n at / home / work / Thermtec / node_modules / loopback / common / models / acl.js: 447: 17\ n at / home / work / Thermtec / node_modules / loopback / common / models / role.js: 348: 23 "}},"
status ":401,"
config ":{"
method ":"
PUT ","
transformRequest ":[null],"
transformResponse ":[null],"
url ":"
http: //localhost:3000/api/users","data":{"username":"testuser","accessLevel":5},"params":{},"headers":{"Accept":"application/json, text/plain, */*","Content-Type":"application/json;charset=utf-8","authorization":"No9BorxaROfrb48jOxKYDpigFNlhk30vkYVhQMRMHT4h86KNnjCLPFda06jPywo3"}},"statusText":"Unauthorized"}"
这是我的启动脚本
'use strict';
// to enable these logs set `DEBUG=boot:02-load-users` or `DEBUG=boot:*`
var log = require('debug')('boot:01-load-users');
module.exports = function(app) {
if (app.dataSources.db.name !== 'Memory' && !process.env.INITDB) {
return;
}
createDefaultUsers();
function createDefaultUsers() {
log('Creating roles and users');
var User = app.models.User;
var Role = app.models.Role;
var RoleMapping = app.models.RoleMapping;
var users = [];
var roles = [{
name: 'admin',
users: [{
firstName: 'Admin',
lastName: 'User',
email: 'admin@thermtec.ie',
username: 'admin',
password: 'admin'
}]
}, {
name: 'user',
users: [{
firstName: 'Guest',
lastName: 'User',
email: 'user@user.com',
username: 'user',
password: 'user'
}]
},{
name: 'localadmin',
users: [{
firstName: 'LocalAdmin',
lastName: 'User',
email: 'admin@admin.com',
username: 'localadmin',
password: 'admin'
}]
}];
roles.forEach(function(role) {
Role.findOrCreate(
{where: {name: role.name}}, // find
{name: role.name}, // create
function(err, createdRole, created) {
if (err) {
console.error('error running findOrCreate('+role.name+')', err);
}
(created) ? log('created role', createdRole.name)
: log('found role', createdRole.name);
role.users.forEach(function(roleUser) {
User.findOrCreate(
{where: {username: roleUser.username}}, // find
roleUser, // create
function(err, createdUser, created) {
if (err) {
console.error('error creating roleUser', err);
}
(created) ? log('created user', createdUser.username)
: log('found user', createdUser.username);
createdRole.principals.create({
principalType: RoleMapping.USER,
principalId: createdUser.id
}, function(err, rolePrincipal) {
if (err) {
console.error('error creating rolePrincipal', err);
}
users.push(createdUser);
});
});
});
});
});
return users;
}
};
答案 0 :(得分:1)
从我在这里看到的,你现在看起来并没有创造任何角色。您需要在此脚本中创建管理员角色。这可能是您看到未经授权的访问消息的原因。我将参考文档here中的代码示例:
User.create([
{username: 'John', email: 'john@doe.com', password: 'opensesame'},
{username: 'Jane', email: 'jane@doe.com', password: 'opensesame'},
{username: 'Bob', email: 'bob@projects.com', password: 'opensesame'}
], function(err, users) {
if (err) return cb(err);
//create the admin role
Role.create({
name: 'admin'
}, function(err, role) {
if (err) cb(err);
//make bob an admin
role.principals.create({
principalType: RoleMapping.USER,
principalId: users[2].id
}, function(err, principal) {
cb(err);
})
;
});
});
答案 1 :(得分:1)
请在此处找到详细的答案: Constantly getting 401 errors in loopback while using User Model