Role in LoopBack not working properly, getting error 401

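Hello, I'm new to LoopBack and I've been creating roles to use. So basically what I want to do is create 2 roles and, based on these roles, restrict some users from accessing some resources. The problem is that every time I try to get some information from the API, I get this: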

{
  "error": {
    "statusCode": 401,
    "name": "Error",
    "message": "Authorization Required",
    "code": "AUTHORIZATION_REQUIRED",
    "stack": "Error: Authorization Required\n    at C:\Users\HP\Desktop\battle-horse\battle-horse\node_modules\loopback\lib\application.js:433:21\n    at C:\Users\HP\Desktop\battle-horse\battle-horse\node_modules\loopback\lib\model.js:359:7\n    at C:\Users\HP\Desktop\battle-horse\battle-horse\node_modules\loopback\common\models\acl.js:536:16\n    at C:\Users\HP\Desktop\battle-horse\battle-horse\node_modules\async\dist\async.js:3888:9\n    at C:\Users\HP\Desktop\battle-horse\battle-horse\node_modules\async\dist\async.js:473:16\n    at iteratorCallback (C:\Users\HP\Desktop\battle-horse\battle-horse\node_modules\async\dist\async.js:1064:13)\n    at C:\Users\HP\Desktop\battle-horse\battle-horse\node_modules\async\dist\async.js:969:16\n    at C:\Users\HP\Desktop\battle-horse\battle-horse\node_modules\async\dist\async.js:3885:13\n    at C:\Users\HP\Desktop\battle-horse\battle-horse\node_modules\loopback\common\models\acl.js:518:17\n    at C:\Users\HP\Desktop\battle-horse\battle-horse\node_modules\loopback\common\models\role.js:447:21\n    at _combinedTickCallback (internal/process/next_tick.js:131:7)\n    at process._tickCallback (internal/process/next_tick.js:180:9)"
  }
}

In my application I have 2 models:

1. Client (which extends the built-in User model) and has role `bs_client`
2. Admin (which also extends the built-in User model)

Note that these models were created using the LoopBack CLI, and no relations have been created yet.

lb model

I'm using MongoDB as the database, and this is my datasource file:

  "mongodb": {
    "host": "",
    "port": 0,
    "url": "mongodb+srv://general:234234@#/#@##@?retryWrites=true&w=majority",
    "database": "database",
    "password": "password",
    "name": "mongodb",
    "user": "general",
    "useNewUrlParser": true,
    "includeSubDomains": true,
    "useUnifiedTopology": true,
    "connector": "mongodb"
  }

The data seems to have been added correctly to my collections (Role, RoleMapping, Client, AccessToken).

I'm assigning the role to each client dynamically on creation using this:
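  // Assign the bs_client role to every newly created Client.
  Client.observe('after save', function setRole(ctx, next) {
    if (ctx.instance) {
      if (ctx.isNewInstance) {
        // Look up the role by name; findOne yields a single Role (or null),
        // whereas find yields an array, which has no id property.
        app.models.Role.findOne({where: {name: 'bs_client'}}, function(err, role) {
          if (err) { return console.log(err); }
          if (role) {
            app.models.RoleMapping.create({
              // RoleMapping.USER is the built-in constant for user principals
              principalType: app.models.RoleMapping.USER,
              principalId: ctx.instance.id,
              roleId: role.id,
            }, function(err, roleMapping) {
              if (err) { return console.log(err); }

              console.log('User assigned RoleID ' + role.id + ' (' + ctx.instance.type + ')');
            });
          }
        });
      }
    }
    // The hook continues without waiting for the role mapping to be written.
    next();
  });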

This is my model-config.json:

{
  "_meta": {
    "sources": [
      "loopback/common/models",
      "loopback/server/models",
      "../common/models",
      "./models"
    ],
    "mixins": [
      "loopback/common/mixins",
      "loopback/server/mixins",
      "../common/mixins",
      "./mixins"
    ]
  },
  "User": {
    "dataSource": "mongodb",
    "public": false
  },
  "AccessToken": {
    "dataSource": "mongodb",
    "public": false
  },
  "ACL": {
    "dataSource": "mongodb",
    "public": false
  },
  "RoleMapping": {
    "dataSource": "mongodb",
    "public": true,
    "options": {
      "strictObjectIDCoercion": true
    }
  },
  "Role": {
    "dataSource": "mongodb",
    "public": true
  },
  "Email": {
    "dataSource": "Email"
  },
  "Client": {
    "dataSource": "mongodb",
    "public": true
  }
}

And in client.json:

"acls": [
    {
      "accessType": "*",
      "principalType": "CLIENT",
      "principalId": "bs_client",
      "permission": "DENY"
    },
    {
      "accessType": "READ",
      "principalType": "CLIENT",
      "principalId": "bs_client",
      "permission": "ALLOW"
    },
    {
      "accessType": "EXECUTE",
      "principalType": "CLIENT",
      "principalId": "$authenticated",
      "permission": "ALLOW",
      "property": "create"
    },
    {
      "accessType": "WRITE",
      "principalType": "CLIENT",
      "principalId": "bs_client",
      "permission": "ALLOW"
    }
  ],

Following https://loopback.io/doc/en/lb3/Model-property-reference.html, everything should work fine. Why can't I retrieve "clients" with the configuration above?

Thanks in advance.

This line should look like this everywhere in "acls": "principalType": "ROLE",

Example ACL:

  "acls": [
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$everyone",
      "permission": "DENY"
    },
    {
      "accessType": "READ",
      "principalType": "ROLE",
      "principalId": "$authenticated",
      "permission": "ALLOW"
    },
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "admin",
      "permission": "ALLOW"
    }
  ],
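
The check below is an added example, not part of the original question or answer: it lints a model's "acls" array before the app is started and is run here on the question's entries and on the answer's example ACL. `lintAcls` and the three value sets are names introduced here, and the allowed values are assumed from the LoopBack 3 ACL documentation.

```javascript
// Added example: static check of a LoopBack 3 model's "acls" array.
// Value sets are assumed from the LoopBack 3 ACL documentation.
const PRINCIPAL_TYPES = new Set(['ROLE', 'USER', 'APP']);
const ACCESS_TYPES = new Set(['*', 'READ', 'WRITE', 'EXECUTE', 'REPLICATE']);
const PERMISSIONS = new Set(['ALLOW', 'DENY', 'ALARM', 'AUDIT']);

// Returns one message per problem found; an empty array means the entries pass.
function lintAcls(acls) {
  const findings = [];
  acls.forEach((acl, i) => {
    const at = `acls[${i}]`;
    if (!PRINCIPAL_TYPES.has(acl.principalType)) {
      findings.push(`${at}: principalType "${acl.principalType}" is not one of ROLE, USER, APP`);
    }
    // Built-in dynamic roles such as $everyone or $authenticated are roles,
    // so they are only meaningful with principalType ROLE.
    if (String(acl.principalId).startsWith('$') && acl.principalType !== 'ROLE') {
      findings.push(`${at}: "${acl.principalId}" requires principalType ROLE`);
    }
    if (acl.accessType !== undefined && !ACCESS_TYPES.has(acl.accessType)) {
      findings.push(`${at}: unknown accessType "${acl.accessType}"`);
    }
    if (!PERMISSIONS.has(acl.permission)) {
      findings.push(`${at}: unknown permission "${acl.permission}"`);
    }
  });
  return findings;
}

// Constructed input: the four entries from the question's client.json.
const questionAcls = [
  {accessType: '*', principalType: 'CLIENT', principalId: 'bs_client', permission: 'DENY'},
  {accessType: 'READ', principalType: 'CLIENT', principalId: 'bs_client', permission: 'ALLOW'},
  {accessType: 'EXECUTE', principalType: 'CLIENT', principalId: '$authenticated',
    permission: 'ALLOW', property: 'create'},
  {accessType: 'WRITE', principalType: 'CLIENT', principalId: 'bs_client', permission: 'ALLOW'},
];
// Constructed input: the example ACL from the answer.
const answerAcls = [
  {accessType: '*', principalType: 'ROLE', principalId: '$everyone', permission: 'DENY'},
  {accessType: 'READ', principalType: 'ROLE', principalId: '$authenticated', permission: 'ALLOW'},
  {accessType: '*', principalType: 'ROLE', principalId: 'admin', permission: 'ALLOW'},
];

console.log(lintAcls(questionAcls)); // 5 findings
console.log(lintAcls(answerAcls));   // []
```

Running a check like this in CI catches a mistyped principal type before it shows up at runtime as a 401.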