我正在尝试使用node acl来实现用户,管理员权限
不幸的是总是返回错误HttpError: Insufficient permissions to access resource
1。当用户登录时添加用户角色
acl.addUserRoles(admin._id.toString(), admin.role)
admin.role是admin
2.checkpermission.js 使用Redis和页面包含在admin.js
var acl = require('acl');
var redis = require("redis");
var client = require('redis').createClient(6379, '127.0.0.1', {no_ready_check: true});
acl = new acl(new acl.redisBackend(client, "acl_"));
// Using redis backend
acl.allow([
{
roles: ['admin'],
allows: [
{
resources: 'admin',
permissions: ['get', 'post', 'put', 'delete'],
},
]
}
]);
module.exports = acl;
3. admin.js 页调用checkpermission.js并从会话中获取登录的用户ID
var acl = require('config/checkpermission');
function get_user_id( request, response ) {
return request.user && request.user.id.toString() || false;
}
......................
......................
router.get('/', [acl.middleware(1, get_user_id)],(req, res, next) =>{
Admin.findById(req.user.id, function (err, data) {
if (err) return err;
return res.json(data);
});
});