2016-11-23 9 views

Loopback.io 401 on remote method?

I have defined a remote method named retrieve and the following roles: admin, barkeeper.

The model ACLs are:

"acls": [ 
{ 
    "accessType": "*", 
    "principalType": "ROLE", 
    "principalId": "$everyone", 
    "permission": "DENY" 
}, 
{ 
    "accessType": "*", 
    "principalType": "ROLE", 
    "principalId": "admin", 
    "permission": "ALLOW" 
}, 
{ 
    "accessType": "EXECUTE", 
    "principalType": "ROLE", 
    "principalId": "barkeeper", 
    "permission": "ALLOW", 
    "property": "retrieve" 
} 
], 

The problem is that when I log in as either the admin user or the barkeeper user and call /retrieve, I get a 401.

Any ideas?

Edit:

The LoopBack log shows:

loopback:security:access-context ---AccessContext--- 
loopback:security:access-context principals: 
loopback:security:access-context principal: {"type":"USER","id":"583adfd78753a610006c586b"} 
loopback:security:access-context modelName Order 
loopback:security:access-context modelId undefined 
loopback:security:access-context property retrieve 
loopback:security:access-context method retrieve 
loopback:security:access-context accessType READ 
loopback:security:access-context accessToken: 
loopback:security:access-context id "wm54iPCZuOYWBYujAHFKloo4GWHq3ceDvDaRui1YjOlDLxeQWznQ3cRdolWHu0sc" 
loopback:security:access-context ttl 1209600 
loopback:security:access-context getUserId() 583adfd78753a610006c586b 
loopback:security:access-context isAuthenticated() true 
loopback:security:role Custom resolver found for role $everyone 
loopback:security:role isInRole(): admin 
loopback:security:access-context ---AccessContext--- 
loopback:security:access-context principals: 
loopback:security:access-context principal: {"type":"USER","id":"583adfd78753a610006c586b"} 
loopback:security:access-context modelName Order 
loopback:security:access-context modelId undefined 
loopback:security:access-context property retrieve 
loopback:security:access-context method retrieve 
loopback:security:access-context accessType READ 
loopback:security:access-context accessToken: 
loopback:security:access-context id "wm54iPCZuOYWBYujAHFKloo4GWHq3ceDvDaRui1YjOlDLxeQWznQ3cRdolWHu0sc" 
loopback:security:access-context ttl 1209600 
loopback:security:access-context getUserId() 583adfd78753a610006c586b 
loopback:security:access-context isAuthenticated() true 
loopback:security:role isInRole(): admin 
loopback:security:access-context ---AccessContext--- 
loopback:security:access-context principals: 
loopback:security:access-context principal: {"type":"USER","id":"583adfd78753a610006c586b"} 
loopback:security:access-context modelName Order 
loopback:security:access-context modelId undefined 
loopback:security:access-context property retrieve 
loopback:security:access-context method retrieve 
loopback:security:access-context accessType READ 
loopback:security:access-context accessToken: 
loopback:security:access-context id "wm54iPCZuOYWBYujAHFKloo4GWHq3ceDvDaRui1YjOlDLxeQWznQ3cRdolWHu0sc" 
loopback:security:access-context ttl 1209600 
loopback:security:access-context getUserId() 583adfd78753a610006c586b 
loopback:security:access-context isAuthenticated() true 
loopback:security:role isInRole(): barkeeper 
loopback:security:access-context ---AccessContext--- 
loopback:security:access-context principals: 
loopback:security:access-context principal: {"type":"USER","id":"583adfd78753a610006c586b"} 
loopback:security:access-context modelName Order 
loopback:security:access-context modelId undefined 
loopback:security:access-context property retrieve 
loopback:security:access-context method retrieve 
loopback:security:access-context accessType READ 
loopback:security:access-context accessToken: 
loopback:security:access-context id "wm54iPCZuOYWBYujAHFKloo4GWHq3ceDvDaRui1YjOlDLxeQWznQ3cRdolWHu0sc" 
loopback:security:access-context ttl 1209600 
loopback:security:access-context getUserId() 583adfd78753a610006c586b 
loopback:security:access-context isAuthenticated() true 
loopback:security:role Role found: {"id":"583adfd78753a610006c586a","name":"admin","created":"2016-11-27T13:29:58.664Z","modified":"2016-11-27T13:29:58.664Z"} 
loopback:security:role Role found: {"id":"583adfd78753a610006c586a","name":"admin","created":"2016-11-27T13:29:58.664Z","modified":"2016-11-27T13:29:58.664Z"} 
loopback:security:role Role found: {"id":"583adfd78753a610006c586d","name":"barkeeper","created":"2016-11-27T13:29:58.665Z","modified":"2016-11-27T13:29:58.665Z"} 
loopback:security:role Role mapping found: null 
loopback:security:role isInRole() returns: null 
loopback:security:role Role mapping found: null 
loopback:security:role isInRole() returns: null 
loopback:security:role Role mapping found: null 
loopback:security:role isInRole() returns: null 
loopback:security:acl The following ACLs were searched: 
loopback:security:acl ---ACL--- 
loopback:security:acl model Order 
loopback:security:acl property * 
loopback:security:acl principalType ROLE 
loopback:security:acl principalId $everyone 
loopback:security:acl accessType * 
loopback:security:acl permission DENY 
loopback:security:acl with score: 7495 
loopback:security:acl ---Resolved--- 
loopback:security:access-context ---AccessRequest--- 
loopback:security:access-context model Order 
loopback:security:access-context property retrieve 
loopback:security:access-context accessType READ 
loopback:security:access-context permission DENY 
loopback:security:access-context isWildcard() false 
loopback:security:access-context isAllowed() false 
Unhandled error for request GET /Orders/retrieve?access_token=wm54iPCZuOYWBYujAHFKloo4GWHq3ceDvDaRui1YjOlDLxeQWznQ3cRdolWHu0sc: Error: Authorization Required 

Why does it resolve to that ACL when the user has the admin role?


Can you run `set DEBUG=loopback:security:acl && node .` (Windows) or `DEBUG=loopback:security:acl node .` (Unix), make an authenticated request, and show the console output? – Overdrivr


Basically, the idea is to use [debug strings](https://loopback.io/doc/en/lb2/Setting-debug-strings.html) to understand what is going on. – Overdrivr


@Overdrivr I've updated the question – Eric

Answers


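Where do you create the users, the admin and barkeeper roles, and the role mappings?

E.g., in the documentation example, users are created as a one-time operation, and the roles and RoleMappings are created afterwards.

In your log you can see that, even though the roles exist, there doesn't seem to be any RoleMapping (arrows) for the user: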

loopback:security:role Role found: {"id":"583adfd78753a610006c586a","name":"admin","created":"2016-11-27T13:29:58.664Z","modified":"2016-11-27T13:29:58.664Z"} 
loopback:security:role Role found: {"id":"583adfd78753a610006c586a","name":"admin","created":"2016-11-27T13:29:58.664Z","modified":"2016-11-27T13:29:58.664Z"} 
loopback:security:role Role found: {"id":"583adfd78753a610006c586d","name":"barkeeper","created":"2016-11-27T13:29:58.665Z","modified":"2016-11-27T13:29:58.665Z"} 
loopback:security:role Role mapping found: null <------- 
loopback:security:role isInRole() returns: null <------- 
loopback:security:role Role mapping found: null <------- 
loopback:security:role isInRole() returns: null <------- 
loopback:security:role Role mapping found: null <------- 
loopback:security:role isInRole() returns: null <------- 

Maybe there is an error in the code that assigns those role mappings to the user.
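
One way to read the debug output the answer points at, as an added example that is not part of the original answer: a small Node.js script that condenses `loopback:security:*` lines into a single finding. The function name `diagnose`, the finding codes, and the abridged sample log are assumptions made for this example.

```javascript
// Added example, not from the original post. SAMPLE_LOG is abridged from the
// debug output quoted in the question (timestamps in the role records dropped).
const SAMPLE_LOG = `
loopback:security:access-context principal: {"type":"USER","id":"583adfd78753a610006c586b"}
loopback:security:role isInRole(): admin
loopback:security:role isInRole(): barkeeper
loopback:security:role Role found: {"id":"583adfd78753a610006c586a","name":"admin"}
loopback:security:role Role found: {"id":"583adfd78753a610006c586d","name":"barkeeper"}
loopback:security:role Role mapping found: null
loopback:security:role Role mapping found: null
loopback:security:acl principalId $everyone
loopback:security:acl permission DENY
loopback:security:access-context isAllowed() false
`;

// Summarise one request's worth of loopback:security:* debug lines.
function diagnose(logText) {
  const r = { userId: null, rolesFound: [], mappingsChecked: 0,
              mappingsMissing: 0, matchedPrincipals: [], allowed: null };
  const addOnce = (list, v) => { if (!list.includes(v)) list.push(v); };
  for (const raw of logText.split('\n')) {
    const line = raw.trim(); // pasted logs often carry trailing spaces
    let m;
    if ((m = line.match(/^loopback:security:access-context principal: (\{.*\})$/))) {
      r.userId = JSON.parse(m[1]).id;
    } else if ((m = line.match(/^loopback:security:role Role found: (\{.*\})$/))) {
      addOnce(r.rolesFound, JSON.parse(m[1]).name);
    } else if ((m = line.match(/^loopback:security:role Role mapping found: (.*)$/))) {
      r.mappingsChecked++;
      if (m[1] === 'null') r.mappingsMissing++;
    } else if ((m = line.match(/^loopback:security:acl principalId (\S+)$/))) {
      addOnce(r.matchedPrincipals, m[1]); // principals of the ACLs that were searched
    } else if ((m = line.match(/^loopback:security:access-context isAllowed\(\) (true|false)$/))) {
      r.allowed = m[1] === 'true';
    }
  }
  // Roles exist, every mapping lookup returned null, and the request was denied:
  // the user was never attached to a role, so only the $everyone rule matched.
  if (r.allowed === null) r.finding = 'INCOMPLETE_LOG';
  else if (r.allowed) r.finding = 'ALLOWED';
  else if (r.rolesFound.length && r.mappingsChecked && r.mappingsMissing === r.mappingsChecked)
    r.finding = 'NO_ROLE_MAPPING';
  else r.finding = 'DENIED_BY_ACL';
  return r;
}

const result = diagnose(SAMPLE_LOG);
console.log(result.finding, 'user', result.userId, 'matched ACLs for', result.matchedPrincipals);
```

A `NO_ROLE_MAPPING` finding means the ACL file is not the problem: the fix belongs in the code that attaches the user to the role.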