Comments (8)
In your example, middleware will check if the user with id 'john' has 'write' permissions on the resource '/home'.
As I understand it, the resource node-acl will be checking against is '/home' with the leading slash rather than 'home' without the leading slash.
That said, in general resource names are just strings. If your resource name is 'xyz', that is fine. However, the middleware function expects resource names to be in a path format, with slashes.
from node_acl.
Also, unless you have some technical restrictions, I suggest you use the common HTTP verbs -- get, post, put, and delete -- rather than read, write, list, destroy.
from node_acl.
Thanks for your response.
I change the resource "home" for "/home", but still have this exception :
500 [object Object]
at new HttpError (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:489:11)
at E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:532:14
at E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:685:13
at Object.MemoryBackend.union (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\memory-backend.js:78:7)
at E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:679:22
at Object.MemoryBackend.union (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\memory-backend.js:76:7)
at Acl._checkPermissions (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:666:16)
at Acl.areAnyRolesAllowed (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:387:10)
at E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\acl.js:359:12
at Object.MemoryBackend.get (E:\00_Work\99_Programmes\Enide-Studio\ws\TestProject\node_modules\acl\lib\memory-backend.js:55:7)
It's appear when permission mismatch. Can i catch it to make a redirection to "unauthorization" page ?
from node_acl.
I have an idea of what it may be. addUserRoles is asynchronous, so you may need to wait until each add user role operation is complete before continuing to the next statement. I don't know if this is the proper form, but the idea is that you nest your statements in the callback functions.
I suggest you look at the async node library for how to tidy up asynchronous statements. Google: node async
from node_acl.
You do not need async, all acl methods return promises, so you can use bluebird or whenjs
from node_acl.
Whoops, I must have overlooked that part when reading the docs.
-----Original Message-----
From: "Manuel Astudillo" [email protected]
Sent: 2/27/2014 2:52 PM
To: "OptimalBits/node_acl" [email protected]
Cc: "Isioma Nnodum" [email protected]
Subject: Re: [node_acl] problem with acl.middleware (#45)
You do not need async, all acl methods return promises, so you can use bluebird or whenjs
—
Reply to this email directly or view it on GitHub.
from node_acl.
assume that my user doesn"t have any role. Why exception? and why it's works when he can access?
from node_acl.
I don't know if this is still a problem for op. But since this issue is still open, i'll try to help here anyways ;)
If you use express, maybe adding an error handler like this does the trick:
// You need this to correctly route the error middleware
app.use(app.router);
app.use(function(err, req, res, next) {
// Move on if everything is alright
if(!err) return next();
// Something is wrong, inform user
res.send( err.msg, err.errorCode );
});
from node_acl.
Related Issues (20)
- redisBackend do not suport redis cluster instance.
- RBAC or ACL? HOT 3
- Can not work with redisBackend HOT 1
- Max mongo document size HOT 2
- since table for allows? HOT 3
- Deprecation warnings given for mongodb-backend.js HOT 1
- remove user HOT 3
- Checking Access Based Upon Role Instead of User
- Question: bulk userRoles
- I need superadmin, what can i do with node_acl? HOT 5
- potential memory leak when using memory backend?
- updating to mongo 4.0 causes issue with select {_bucketname: 0}, not working HOT 1
- self.db.collection is not a function HOT 2
- Alternative for microservices architecture
- NPM found 1 high severity vulnerability (mongodb must be >=3.1.13) HOT 4
- Is this project dead? HOT 4
- [email protected] vulnerability issue with [email protected] HOT 3
- DeprecationWarning: collection.update is deprecated. Use updateOne, updateMany, or bulkWrite instead.
- has removeResource been abandoned ? HOT 2
- Missing index on `key` property on Mongodb
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from node_acl.