我在customers.json中有这个模型,acls:
"acls": [
{
"accessType": "*",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "DENY"
},
{
"accessType": "READ",
"principalType": "ROLE",
"principalId": "admin",
"permission": "ALLOW",
"through": "RoleMapping"
}
]
我有这个基于环回用户的用户模型:
{
"name": "userModel",
"base": "User",
...
}
"relations": {
"roles": {
"type": "hasMany",
"model": "Role",
"foreignKey": "principalId"
}
},
我在RoleMapping中的http://localhost:3000/explorer中定义了:
{
"id": "58b82f1dbd7b9f1a601646cf",
"principalType": "USER",
"principalId": "58b82ec9bd7b9f1a601646ce",
"roleId": "5570fb69a1227c8c039293da"
}
但是当我尝试显示客户时,我总是得到401 Unauthorized错误。 如果有人可以帮助我,我会非常有成绩。
答案 0 :(得分:0)
您是否在Loopback Explorer中设置了令牌?
在Loopback中启用ACL时,您必须使用端点 / user / login
登录{"username":"john", "password": "abc123"}
然后将 id 从响应中复制并粘贴到令牌字段中。