我有环回应用程序,我有模型名称照片。我在我的本地主机上工作并尝试发布照片模型并且它工作正常。但是,当我构建它并尝试在在线服务器上POST时,我得到了授权所需的错误。
我的acl看起来像这样:
"acls": [
{
"accessType": "*",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "DENY"
},
{
"accessType": "*",
"principalType": "ROLE",
"principalId": "admin",
"permission": "ALLOW"
},
{
"accessType": "*",
"principalType": "ROLE",
"principalId": "$owner",
"permission": "ALLOW"
},
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW",
"property": "findById"
},
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW",
"property": "__get__comments"
},
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW",
"property": "__count__comments"
},
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW",
"property": "__get__likes"
},
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW",
"property": "__count__likes"
},
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$authenticated",
"permission": "ALLOW",
"property": "__create__comments"
},
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW",
"property": "find"
},
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$authenticated",
"permission": "ALLOW",
"property": "create"
}
答案 0 :(得分:0)
首先,进行一些清理:您可以将许多类似的ACLS组合到一个块中:
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW",
"property": [
"find",
"findById",
"__get__likes",
"__get__comments",
"__count__likes",
"__count__comments"
]
},
...第二:您是否在尝试在服务器上发出请求时登录?检查“授权”令牌是否正在发送并且是好的。与本地主机相同的数据库或不同的数据库?
答案 1 :(得分:0)
您可以通过启用以下调试选项来检查应用于路由的ACL:
DEBUG=loopback:security:acl
我使用此日志来解决配置ACL的问题。
请查看此链接以获取更多信息:
https://loopback.io/doc/en/lb2/Setting-debug-strings.html#using-debug-strings