Strongloop偷偷地将属性字段添加到acl对象

时间:2016-04-09 11:06:53

标签: strongloop

https://docs.strongloop.com/display/public/LB/Define+access+controls

在上面的教程中, { "accessType": "EXECUTE", "principalType": "ROLE", "principalId": "$authenticated", "permission": "ALLOW", "property": "create" //how did this get added ? }, 命令如何将该属性添加到审阅的acl对象中?

Review.beforeRemote('create', function(context, user, next) {

当我自己运行命令时,没有添加任何属性:create。如果我尝试将属性重命名为" create_review",并编辑远程钩子 而不是

Review.beforeRemote('create_review', function(context, user, next) {

Array
(
    [step_number] => 4
    [app_id] => Array
        (
            [0] => 2
            [1] => 3
        )
    [formdata] => Array
        (
            [0] => Array
                (
                    [name] => app_id[]
                    [value] => 2
                )
            [1] => Array
                (
                    [name] => app_id[]
                    [value] => 3
                )
            [2] => Array
                (
                    [name] => fieldval[2][2][]
                    [value] => 1
                )
            [3] => Array
                (
                    [name] => fieldval[3][3][]
                    [value] => 200
                )
            [4] => Array
                (
                    [name] => fieldval[3][3][]
                    [value] => day
                )
            [5] => Array
                (
                    [name] => title
                    [value] => new plan
                )
            [6] => Array
                (
                    [name] => feature_plan
                    [value] => 3
                )
            [7] => Array
                (
                    [name] => plan_type
                    [value] => free
                )
            [8] => Array
                (
                    [name] => price
                    [value] => 
                )
            [9] => Array
                (
                    [name] => sell_type
                    [value] => us
                )
       )
)

我未经授权错误401。

创建以外的其他此类财产是什么?为什么我们需要acls的财产?是否要添加远程钩子?

1 个答案:

答案 0 :(得分:0)

访问类型及其属性在https://docs.strongloop.com/display/public/LB/Controlling+data+access

中定义

除了create之外,还有find,findById,upsert等。

它不是模型的属性,而是acl。

的属性