2017-03-05 77 views
1

我有這種模式在customers.json,訪問控制列表:如何在Loopback 3中定義管理角色?

"acls": [ 
{ 
    "accessType": "*", 
    "principalType": "ROLE", 
    "principalId": "$everyone", 
    "permission": "DENY" 
}, 
{ 
    "accessType": "READ", 
    "principalType": "ROLE", 
    "principalId": "admin", 
    "permission": "ALLOW", 
    "through": "RoleMapping" 
} 
] 

,我已經環回用戶該用戶模型庫:

{ 
"name": "userModel", 
"base": "User", 
... 
} 

"relations": { 
"roles": { 
    "type": "hasMany", 
    "model": "Role", 
    "foreignKey": "principalId" 
} 
}, 

我在http://localhost:3000/explorer在RoleMapping定義:

{ 
"id": "58b82f1dbd7b9f1a601646cf", 
"principalType": "USER", 
"principalId": "58b82ec9bd7b9f1a601646ce", 
"roleId": "5570fb69a1227c8c039293da" 
} 

但是當我嘗試展示客戶時,我總是得到401未授權的錯誤。 如果有人能幫助我,我會很高興。

回答

0

您是否在Loopback Explorer中設置了令牌?

當您在迴環啓用ACL必須登錄使用終點/用戶/註冊

{"username":"john", "password": "abc123"} 

然後從響應到令牌字段複製並粘貼ID

+0

謝謝,它的工作 – oded