2017-03-22 6 views
3

LoopBack 3: custom role doesn't work

I have a Client model that inherits from the User model. I created a custom role, admin, and defined two ACLs on the Client model using that role:

{ 
    "principalType": "ROLE", 
    "principalId": "admin", 
    "permission": "ALLOW", 
    "property": "find" 
}, 
{ 
    "principalType": "ROLE", 
    "principalId": "admin", 
    "permission": "ALLOW", 
    "property": "findById" 
} 

I get a 401 when I try to GET /api/Clients. Any idea what could be going on?

Any help is greatly appreciated.

LoopBack v3.5, MongoDB

User/role/mapping code:

Client.create({
    username: '[email protected]',
    email: '[email protected]l.com',
    password: 'admin123'
}).then(function(user) {
    // Create the custom role, then map the new user to it
    Role.create({
        name: 'admin'
    }, function(createRoleError, createRole) {
        if (createRoleError) throw createRoleError;
        createRole.principals.create({
            principalType: RoleMapping.USER,
            principalId: user.id
        });
    });
});

MongoDB data:

> db.Client.find() 
{ "_id" : ObjectId("58d28f0690c08512b03c9dfc"), "username" : "[email protected]", "password" : "$2a$10$zQrgeFq.pFZNmJOPywE/8uY9PjurwfzyAHbBESgkTccx6pZnFrZR2", "email" : "[email protected]" } 

> db.Role.find() 
{ "_id" : ObjectId("58d28f0690c08512b03c9dfd"), "name" : "admin", "created" : ISODate("2017-03-22T14:49:42.899Z"), "modified" : ISODate("2017-03-22T14:49:42.899Z") } 

> db.RoleMapping.find() 
{ "_id" : ObjectId("58d28f0690c08512b03c9dfe"), "principalType" : "USER", "principalId" : "58d28f0690c08512b03c9dfc", "roleId" : ObjectId("58d28f0690c08512b03c9dfd") } 

LoopBack debug output:

loopback:security:role isInRole(): $everyone +1m 
loopback:security:access-context ---AccessContext--- +0ms 
loopback:security:access-context principals: +5ms 
loopback:security:access-context principal: {"type":"USER","id":"58d28f0690c08512b03c9dfc"} +1ms 
loopback:security:access-context modelName Client +0ms 
loopback:security:access-context modelId undefined +0ms 
loopback:security:access-context property find +1ms 
loopback:security:access-context method find +0ms 
loopback:security:access-context accessType READ +1ms 
loopback:security:access-context accessToken: +0ms 
loopback:security:access-context id "1od20VFnZNqW0i0PblSqpJpxDvpfJEBYeXi9AxM9twj5EqkH4xZ6ET7J9thHT982" +1m 

loopback:security:access-context ttl 1209600 +1ms 
loopback:security:access-context getUserId() 58d28f0690c08512b03c9dfc +0ms 
loopback:security:access-context isAuthenticated() true +2ms 
loopback:security:role Custom resolver found for role $everyone +0ms 
loopback:security:role isInRole(): admin +1ms 
loopback:security:access-context ---AccessContext--- +2ms 
loopback:security:access-context principals: +0ms 
loopback:security:access-context principal: {"type":"USER","id":"58d28f0690c08512b03c9dfc"} +2ms 
loopback:security:access-context modelName Client +1ms 
loopback:security:access-context modelId undefined +1ms 
loopback:security:access-context property find +1ms 
loopback:security:access-context method find +0ms 
loopback:security:access-context accessType READ +1ms 
loopback:security:access-context accessToken: +1ms 
loopback:security:access-context id "1od20VFnZNqW0i0PblSqpJpxDvpfJEBYeXi9AxM9twj5EqkH4xZ6ET7J9thHT982" +4m 

loopback:security:access-context ttl 1209600 +2ms 
loopback:security:access-context getUserId() 58d28f0690c08512b03c9dfc +2ms 
loopback:security:access-context isAuthenticated() true +1ms 
loopback:security:role Role found: {"id":"58d28f0690c08512b03c9dfd","name":"admin","created":"2017-03-22T14: 
:42.899Z","modified":"2017-03-22T14:49:42.899Z"} +3ms 
loopback:security:role Role mapping found: null +22ms 
loopback:security:role isInRole() returns: null +2ms 
loopback:security:acl The following ACLs were searched: +2ms 
loopback:security:acl ---ACL--- +2ms 
loopback:security:acl model Client +1ms 
loopback:security:acl property * +1ms 
loopback:security:acl principalType ROLE +2ms 
loopback:security:acl principalId $everyone +2ms 
loopback:security:acl accessType * +1ms 
loopback:security:acl permission DENY +2ms 
loopback:security:acl with score: +1ms 7495 
loopback:security:acl ---Resolved--- +2ms 
loopback:security:access-context ---AccessRequest--- +2ms 
loopback:security:access-context model Client +1ms 
loopback:security:access-context property find +1ms 
loopback:security:access-context accessType READ +2ms 
loopback:security:access-context permission DENY +2ms 
loopback:security:access-context isWildcard() false +1ms 
loopback:security:access-context isAllowed() false +3ms 

Answer

5

Your RoleMapping principalId is being inserted as a string rather than an ObjectId, and that is what causes the problem. You need to enable strictObjectIDCoercion, either by having this in a boot script:

app.models.RoleMapping.settings.strictObjectIDCoercion = true;

Or by adding it to server/model-config.json:

{
    "RoleMapping": {
        "dataSource": "db",
        "options": {
            "strictObjectIDCoercion": true
        },
        "public": false
    }
}
+0

Thanks! I created the application with an old version of `lb` that did not set 'strictObjectIDCoercion' on RoleMapping. https://github.com/strongloop/loopback/pull/3198 – Hyperd

+0

Thanks! I had the same problem, and adding this to the model-config.json file solved it – user3655266
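
The following is an added example, not part of the original posts and not LoopBack or connector code: a simplified JavaScript model of the RoleMapping lookup that reproduces the `Role mapping found: null` line from the debug output and shows why strictObjectIDCoercion changes the result. FakeObjectId and all function names are hypothetical, and the coercion rule in the first comment is an assumption about the MongoDB connector's behaviour, taken from the answer above.

```javascript
// Simplified model, not LoopBack or connector code. Assumption: with
// strictObjectIDCoercion off, a 24-hex-digit string in a query is turned into
// an ObjectId before it reaches MongoDB; with it on, it stays a string.
class FakeObjectId { // hypothetical stand-in for the driver's ObjectId
  constructor(hex) { this.hex = hex.toLowerCase(); }
}
const HEX24 = /^[0-9a-f]{24}$/i;

// Value the database actually receives for a queried principalId.
function queryValue(principalId, strict) {
  const looksLikeId = typeof principalId === 'string' && HEX24.test(principalId);
  return !strict && looksLikeId ? new FakeObjectId(principalId) : principalId;
}

// MongoDB equality is type-sensitive: a string never equals an ObjectId.
function bsonEquals(stored, queried) {
  const a = stored instanceof FakeObjectId, b = queried instanceof FakeObjectId;
  if (a && b) return stored.hex === queried.hex;
  return !a && !b && stored === queried;
}

// The lookup behind "Role mapping found: ..." in the debug output.
function findRoleMapping(mappings, roleId, userId, strict) {
  const wanted = queryValue(userId, strict);
  return mappings.find(m => m.principalType === 'USER' &&
    bsonEquals(m.roleId, roleId) && bsonEquals(m.principalId, wanted)) || null;
}

// Audit helper: mappings that can never match while strict coercion is off.
function unreachableMappings(mappings) {
  return mappings.filter(m => queryValue(m.principalId, false) !== m.principalId);
}

// Constructed sample mirroring db.RoleMapping.find() from the question.
const roleId = new FakeObjectId('58d28f0690c08512b03c9dfd');
const mappings = [{
  principalType: 'USER',
  principalId: '58d28f0690c08512b03c9dfc', // stored as a string
  roleId: roleId,
}];
const userId = '58d28f0690c08512b03c9dfc';

console.log(findRoleMapping(mappings, roleId, userId, false)); // null, so 401
console.log(findRoleMapping(mappings, roleId, userId, true) === mappings[0]); // true
console.log(unreachableMappings(mappings).length); // 1
```

The failure is fail-closed: the unmatched mapping leaves only the `$everyone` DENY rule in play, so the symptom is a 401 for a legitimate admin rather than unintended access.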
