使用mySql连接器的环回ACL“需要授权”

时间:2018-08-27 05:29:02

标签: node.js loopbackjs

我希望具有特定角色的用户能够将数据写入终结点,并且由于某些原因,我设置的用户(属于那些角色之一)无法写入。我收到以下错误:下面是我的代码。

module.exports = function (app) {
    let today = new Date();

    let admin = {
        name: 'admin',
        description: 'admin users',
        created: today.toJSON(),
        modified: today.toJSON()
    };

    let internal = {
        name: 'internal',
        description: 'Internal users',
        created: today.toJSON(),
        modified: today.toJSON()
    };

    let external = {
        name: 'external',
        description: 'external users',
        created: today.toJSON(),
        modified: today.toJSON()
    };

    let bot = {
        name: 'bot',
        description: 'robots',
        created: today.toJSON(),
        modified: today.toJSON()
    };

    let model = app.models.user;

    model.create([
        {username: 'bot', email: 'example@example.com', password: 'test123'},
        {username: 'admin', email: 'example2@example.com', password: 'test123'},
        {username: 'iAdmin', email: 'example3@example.com', password: 'test123'},
        {username: 'eUser', email: 'example4@example.com', password: 'test123'},
    ], function(err, users) {

        if (err) throw err;

           app.models.Role.create(bot, function (err, botRole) {

            if (err) throw err


                botRole.principals.create({principalType: app.models.RoleMapping.USER, principalID: users[0].id}, function(err, principal) {
                if (err) throw err;
            });


        });

        app.models.Role.create(admin, function (err, adminRole) {
            if (err) throw err;

            adminRole.principals.create({principalType: app.models.RoleMapping.USER, PrincipalID: users[1].id}, function(err, principal) {
                if (err) throw err;
            });
        });

       app.models.Role.create(admin, function (err, internalRole) {
            if (err) throw err;

            internalRole.principals.create({principalType: app.models.RoleMapping.USER, PrincipalID: users[2].id}, function(err, principal) {
                if (err) throw err;
            });
        });

        app.models.Role.create(external, function (err, externalRole) {
            if (err) throw err;

            externalRole.principals.create({principalType: app.models.RoleMapping.USER, PrincipalID: users[3].id}, function(err, principal) {
                if (err) throw err;
            });
        });
    });
};

模型配置:

"User": {
    "dataSource": "mySqldb",
    "public": false
  },
  "user": {
    "dataSource": "mySqldb",
    "public": true
  },
  "AccessToken": {
    "dataSource": "mySqldb",
    "public": false
  },
  "ACL": {
    "dataSource": "mySqldb",
    "public": false
  },
  "RoleMapping": {
    "dataSource": "mySqldb",
    "public": false,
    "options": {
      "strictObjectIDCoercion": true
    }
  },
  "Role": {
    "dataSource": "mySqldb",
    "public": false
  }

ACLS:

"acls": [
    {
        "accessType": "*",
        "principalType": "ROLE",
        "principalId": "$everyone",
        "permission": "DENY"
    },
    {
        "accessType": "READ",
        "principalType": "ROLE",
        "principalId": "$authenticated",
        "permission": "ALLOW"
    },
    {
        "accessType": "WRITE",
        "principalType": "ROLE",
        "principalId": "admin",
        "permission": "ALLOW"
    },
     {
        "accessType": "DELETE",
        "principalType": "ROLE",
        "principalId": "admin",
        "permission": "ALLOW"
    }
  ],

错误: ValidationError:user实例无效。详细信息:secret_key不能为空(值:undefined); logged_in_with不能为空(值:undefined); username无效(值:“ bot”); email无效(值:“ example@example.com”)。

0 个答案:

没有答案
相关问题
最新问题