我可以提供一些帮助。我正在使用具有扩展用户模型的环回3,并且无法访问管理员角色。
user.json
{
"name": "user",
"plural": "users",
"base": "User",
"idInjection": false,
"options": {
"validateUpsert": true
},
"properties": {},
"validations": [],
"relations": {
"roles": {
"type": "hasMany",
"model": "Role",
"foreignKey": "principalId",
"through": "RoleMapping"
},
"contents": {
"type": "hasMany",
"model": "content",
"foreignKey": "userId",
"options": {
"nestRemoting": true
}
},
"accessTokens": {
"type": "hasMany",
"model": "AccessToken",
"foreignKey": "userId",
"options": {
"disableInclude": true
}
}
},
"acls": [
{
"accessType": "*",
"principalType": "ROLE",
"principalId": "admin",
"permission": "ALLOW"
}
],
"methods": {}
}
model-config.json
{
"_meta": {
"sources": [
"loopback/common/models",
"loopback/server/models",
"../common/models",
"./models"
],
"mixins": [
"loopback/common/mixins",
"loopback/server/mixins",
"../common/mixins",
"./mixins"
]
},
"User": {
"dataSource": "db",
"public": false,
"options": {
"emailVerificationRequired": true,
"strictObjectIDCoercion": true
}
},
"AccessToken": {
"dataSource": "db",
"public": false,
"relations": {
"user": {
"type": "belongsTo",
"model": "user",
"foreignKey": "userId"
}
}
},
"ACL": {
"dataSource": "db",
"public": false
},
"RoleMapping": {
"dataSource": "db",
"public": false,
"options": {
"strictObjectIDCoercion": true
}
},
"Role": {
"dataSource": "db",
"public": false
},
"attachment": {
"dataSource": "storage",
"public": true
},
"audio": {
"dataSource": "millicentaudio",
"public": true
},
"running": {
"dataSource": "mem",
"public": true
},
"content": {
"dataSource": "db",
"public": true
},
"vocalplaylist": {
"dataSource": "db",
"public": true
},
"backgroundplaylist": {
"dataSource": "db",
"public": true
},
"soundscapeplaylist": {
"dataSource": "db",
"public": true
},
"Email": {
"dataSource": "email"
},
"user": {
"dataSource": "db",
"public": true
}
}
启动脚本
module.exports = function (app) {
var User = app.models.User
var Role = app.models.Role
var RoleMapping = app.models.RoleMapping
var Team = app.models.Team
User.create([
{username: 'name', email: 'email@gmail.com', password: 'password'}
], function(err, users) {
if (err) {
console.log(err)
}
//...
// Create projects, assign project owners and project team members
//...
// Create the admin role
Role.create({
name: 'admin'
}, function(err, role) {
if (err) {
console.log(role)
}
// Make user an admin
role.principals.create({
principalType: RoleMapping.USER,
principalId: users[0].id
}, function(err, principal) {
if (err) {
console.log(principal)
}
})
})
})
}
角色展示调试
loopback:security:role isInRole(): $everyone +0ms
loopback:security:role Custom resolver found for role $everyone +1ms
loopback:security:role isInRole(): $everyone +0ms
loopback:security:role Custom resolver found for role $everyone +0ms
loopback:security:role isInRole(): admin +0ms
loopback:security:role Role found: {"id":"5c98fc80fb2bbc1f9a7f5075","name":"admin","created":"2019-03-25T16:06:24.486Z","modified":"2019-03-25T16:06:24.486Z"} +1ms
loopback:security:role Role mapping found: null +2ms
loopback:security:role isInRole() returns: null +0ms
尽管用户是管理员角色映射,但找不到它。
我认为这可能与关系或用于创建角色映射的PrincipleType有关。我尝试将RoleMapping.USER更改为'user'(模型名称),在启动脚本中使用用户模型而不是User模型,更新了部门,但似乎无法使其再次正常工作。
........
编辑 .... 我设置了另一个安装,如果将数据源设置为mem,则一切正常,如果将其设置为使用mongodb,则admin检查失败。
编辑 .... 在model-config.json“ fixes”中将Rolemapping,Role和user(扩展用户模型)设置为mem,但是正在寻找更好的解决方案