程序员经验分享-hwhale

环回错误:需要授权

2023-12-04

我有一个带有 mongoDB 的环回应用程序,如下所示:

当我以管理员身份登录时,我无法在菜肴上使用 post 方法。我收到需要授权的错误。 只有当我将菜肴角色更改为允许所有人时,这才成为可能。

我怎样才能通过让每个人都拒绝并只允许某些用户执行某些操作来达到想要的结果? 谢谢。这是我的代码..

应用程序/服务器/model-config.json:

    {
  "_meta": {
    "sources": [
      "loopback/common/models",
      "loopback/server/models",
      "../common/models",
      "./models"
    ],
    "mixins": [
      "loopback/common/mixins",
      "loopback/server/mixins",
      "../node_modules/loopback-ds-timestamp-mixin",
      "../common/mixins",
      "./mixins"
    ]
  },
  "User": {
    "dataSource": "db"
  },
  "AccessToken": {
    "dataSource": "db",
    "public": false
  },
  "ACL": {
    "dataSource": "MongoDB",
    "public": false
  },
  "RoleMapping": {
    "dataSource": "MongoDB",
    "public": false
  },
  "Role": {
    "dataSource": "MongoDB",
    "public": false
  },
  "dishes": {
    "dataSource": "MongoDB",
    "public": true
  },
  "Customer": {
    "dataSource": "MongoDB",
    "public": true
  },
  "Comments": {
    "dataSource": "MongoDB",
    "public": true
  }
}

应用程序/common/models/dishes.json:

{
  "name": "dishes",
  "base": "PersistedModel",
  "idInjection": true,
  "options": {
    "validateUpsert": true
  },
  "properties": {
    "name": {
      "type": "string",
      "required": true
    },
    "description": {
      "type": "string",
      "required": true
    },
    "category": {
      "type": "string",
      "required": true
    },
    "image": {
      "type": "string",
      "required": true
    },
    "label": {
      "type": "string",
      "required": true,
      "default": "''"
    },
    "price": {
      "type": "string",
      "required": true,
      "default": "0"
    }
  },
  "mixins": {
    "TimeStamp": true
  },
  "validations": [],
  "relations": {
    "comments": {
      "type": "hasMany",
      "model": "Comments",
      "foreignKey": ""
    },
    "customers": {
      "type": "hasMany",
      "model": "Customer",
      "foreignKey": ""
    }
  },
  "acls": [
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$everyone",
      "permission": "DENY"
    },
    {
      "accessType": "READ",
      "principalType": "ROLE",
      "principalId": "$authenticated",
      "permission": "ALLOW"
    },
    {
      "accessType": "EXECUTE",
      "principalType": "ROLE",
      "principalId": "admin",
      "permission": "ALLOW",
      "property": "create"
    },
    {
      "accessType": "WRITE",
      "principalType": "ROLE",
      "principalId": "admin",
      "permission": "ALLOW"
    }
  ],
  "methods": {}
}

应用程序/common/models/comments.json:

    {
  "name": "Comments",
  "base": "PersistedModel",
  "idInjection": true,
  "options": {
    "validateUpsert": true
  },
  "properties": {
    "Rating": {
      "type": "number",
      "required": true,
      "default": 5
    },
    "comment": {
      "type": "string",
      "required": true
    }
  },
  "mixins": {
    "TimeStamp": true
  },
  "validations": [],
  "relations": {
    "dishes": {
      "type": "belongsTo",
      "model": "dishes",
      "foreignKey": ""
    },
    "customer": {
      "type": "belongsTo",
      "model": "Customer",
      "foreignKey": "customerId"
    }
  },
  "acls": [
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$everyone",
      "permission": "DENY"
    },
    {
      "accessType": "READ",
      "principalType": "ROLE",
      "principalId": "$authenticated",
      "permission": "ALLOW"
    },
    {
      "accessType": "EXECUTE",
      "principalType": "ROLE",
      "principalId": "$authenticated",
      "permission": "ALLOW",
      "property": "create"
    },
    {
      "accessType": "WRITE",
      "principalType": "ROLE",
      "principalId": "$owner",
      "permission": "ALLOW"
    }
  ],
  "methods": {}
}

应用程序/common/models/customer.json:

    {
  "name": "Customer",
  "base": "User",
  "idInjection": true,
  "options": {
    "validateUpsert": true
  },
  "properties": {},
  "validations": [],
  "relations": {
    "comments": {
      "type": "hasMany",
      "model": "Comments",
      "foreignKey": "customerId"
    }
  },
  "acls": [
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$everyone",
      "permission": "DENY"
    }
  ],
  "methods": {}
}

和app/server/boot/script.js:

    module.exports = function(app) {
var MongoDB = app.dataSources.MongoDB;

MongoDB.automigrate('Customer', function(err) {
   if (err) throw (err);
   var Customer = app.models.Customer;

   Customer.create([
    {username: 'Admin', email: '[email protected]', password: 'abcdef'},
    {username: 'muppala', email: '[email protected]', password: 'abcdef'}
  ], function(err, users) {
        if (err) throw (err);
        var Role = app.models.Role;
        var RoleMapping = app.models.RoleMapping;

        Role.find({ name: 'admin' }, function(err, results) {
            if (err) { throw err; }

            if (results.length < 1) {
                // now we know the DB doesn't have it already, so do the Role creation...
                //create the admin role
                Role.create({
                  name: 'admin'
                }, function(err, role) {
                  if (err) throw (err);
                   //make admin
                  role.principals.create({
                    principalType: RoleMapping.USER,
                    principalId: users[0].id
                  }, function(err, principal) {
                    if (err) throw (err);
                  });
                });
            }
        });
  });
});

};

看到你的最后一个问题我想象发生了什么。

以某种方式收集Role已创建但未映射到User.

我建议你改变:

Role.find({ name: 'admin' }, function(err, results) {
            if (err) { throw err; }

            if (results.length < 1) {
                // now we know the DB doesn't have it already, so do the Role creation...
                //create the admin role
                Role.create({
                  name: 'admin'
                }, function(err, role) {
                  if (err) throw (err);
                   //make admin
                  role.principals.create({
                    principalType: RoleMapping.USER,
                    principalId: users[0].id
                  }, function(err, principal) {
                    if (err) throw (err);
                  });
                });
            }
        });

By:

Role.create({
      name: 'admin'
    }, function(err, role) {
      if (err) throw (err);
       //make admin
      role.principals.create({
        principalType: RoleMapping.USER,
        principalId: users[0].id
      }, function(err, principal) {
        if (err) throw (err);
      });
    });

删除角色集合:db.Role.drop()并再次执行Loopback。

注意:我正在做同样的任务并为我工作。

本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)

nodejs

MongoDB

loopback

环回错误:需要授权 的相关文章

随机推荐

热门标签