如何从环回API获取当前用户的数据？

Question

我正在使用环回创建 API。到目前为止，我已经能够设置我需要的所有模型。我们如何设置这些端点，以便它们只显示已登录用户的数据？

例如，用户A在数据库中添加了一些数据，用户B在数据库中添加了一些其他数据。现在，如果用户 A 已登录，我只想获取 A 添加的数据。截至目前，我正在获取数据库中存在的所有数据。

我的模型JSON如下：

{
  "name": "IPs",
  "base": "PersistedModel",
  "idInjection": true,
  "options": {
    "validateUpsert": true
  },
  "properties": {
    "identifier": {
      "type": "string"
    },
    "IP": {
      "type": "array"
    },
    "type": {
      "type": "string"
    },
    "plugins": {
      "type": "array"
    }
  },
  "validations": [],
  "relations": {},
  "acls": [
    {
      "accessType": "*",
      "principalType": "ROLE",
      "principalId": "$unauthenticated",
      "permission": "DENY"
    }
  ],
  "methods": {}
}

而JS如下：

module.exports = function(IPs) {



};

Answer 1

将模型的 principalId 从 $unauthenticated 更改为 $owner

来自loopback documentation的注释：

To qualify a $owner, the target model needs to have a belongsTo relation to the User model (or a model that extends User) and property matching the foreign key of the target model instance. The check for $owner is performed only for a remote method that has ‘:id’ on the path, for example, GET /api/users/:id.